All Activity

  1. Recently
  2. Today
  3. So that we can help you, follow in full what is set out in this "Mandatory standard procedure topic of the Forum". HijackThis logs ** read before posting ** Once the procedures are done, post the HijackThis log for examination right here in this topic by clicking the "REPLY BUTTON" just below, and wait for further instructions.
  4. Yesterday
  5. Hello, when my notebook starts up, several windows like these appear suddenly and disappear. I am afraid my computer may have a virus. I have already scanned with more than one antivirus and nothing is found. Has anyone been through this, or could you tell me what program this is? The image is attached. Thank you!
  6. Good afternoon. "HomeGroup has been removed from Windows 10 (version 1803). However, even though it has been removed, you can still share printers and files using features built into Windows 10." https://support.microsoft.com/pt-br/help/4091368/windows-10-homegroup-removed
  7. You are using the 240gb A400, aren't you? Mine is like that too, except that since I have almost 6k power-on hours, its SSD Wear Indicator is at 95%. But as for the Bad Block Count, it is the same as yours.
  8. Why does this happen? It says I have used 32.5 "GB" in total, but if I look at how much space I take up with the folders on drive C, it shows 16.3 "GB". Is there a way to recover this space that disappeared?
  9. Mine is the same, with no problems; I would venture to say the problem is not in the SSD but in the Windows installation...
  10. Last week
  11. OK, the PC is clean. Download DelFix and save it to your Desktop. Double-click delfix.exe to run it. On Windows 7, 8 and 10: right-click delfix.exe and select Run as Administrator. Check the box as shown in the image below. Click the Run button. This will remove the programs used in the disinfection, the folders and files created by them, and DelFix itself.
  12. ESET Smart did not generate any log.
  13. Good afternoon. I went looking here for my HomeGroup which, for reasons I cannot fathom, MS decided to remove; it used to be in the Control Panel and it disappeared...
  14. If you bought it recently, open an RMA for a replacement.
  15. Temporarily disable your antivirus. Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your Desktop. Double-click its icon on the Desktop. Check "YES, I accept the Terms of Use." Click Start. Accept any security warning from your browser. Check the options below: Enable detection of potentially unwanted applications. Click Hide advanced settings and check: Remove found threats, Scan archives, Scan for potentially unsafe applications, Enable Anti-Stealth technology. Click Change and also check the Computer box. Click Start. It will update on its own and scan the computer. Be patient, the process can take hours. When the scan finishes, click List Threats. Click Export to text file and save the log to your Desktop. Copy and paste the contents into your next reply. Note: if nothing is found, no log will be generated. Click Back. Click Finish.
  17. Download Malwarebytes Anti-Malware (MBAM) and save or print these instructions: Run mb3-setup.exe to install the program. Uncheck the box Enable free trial of Malwarebytes Anti-Malware PRO (if present). Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked. Then click Finish. If there are updates to be made, they will be downloaded and installed. In Settings, click Protection and, if it is disabled, check Scan for rootkits. Under Potential threat protection, select Treat PUPs and PUMs as malware (recommended). Click Scan, then Threat Scan, and finally click Start Scan. The scan will then begin. Wait, as it may take a while. When the scan finishes, if items were found, click the Export Summary -> Text file (*.txt) button and save it to your Desktop; if the disinfection log is not saved, you will find it there. Click Apply Actions or, if that is not available, click Send to quarantine. At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. The log is saved automatically by MBAM and can be viewed by clicking the Reports tab -> Scan reports in the program's main window after the disinfection has been carried out. DO NOT USE THE .XML FILE FORMAT TO SAVE THE LOG. Select, copy and paste the entire contents of the disinfection log saved by MBAM into your next reply, along with a new HijackThis log. NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.
C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\195 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\196 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\197 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\198 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\199 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\200 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\201 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\202 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\203 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\204 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\205 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\206 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\207 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\208 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\209 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\210 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\211 =>.SUP.Temporary.Chrome MOVED folder: 
C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\212 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\213 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\214 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\215 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\216 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\217 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\218 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\219 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\220 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\221 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\222 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\223 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\224 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\225 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\226 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\237 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\238 =>.SUP.Temporary.Chrome MOVED folder: 
C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\239 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\240 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\241 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\242 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\243 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\244 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\251 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\252 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\253 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\254 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\255 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\256 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\257 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\258 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\259 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\260 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\261 =>.SUP.Temporary.Chrome MOVED folder: 
C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\262 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\263 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\264 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\265 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\266 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\267 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\268 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\269 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\270 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\271 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\272 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\273 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\274 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\275 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\276 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\277 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\278 =>.SUP.Temporary.Chrome MOVED folder: 
C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\279 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\280 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\281 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\282 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\283 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\284 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\285 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\286 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\287 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\288 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\292 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\293 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\294 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\295 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\296 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\297 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\298 =>.SUP.Temporary.Chrome MOVED folder: 
C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\299 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\300 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\301 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\302 =>.SUP.Temporary.Chrome MOVED folder: C:\Users\Murillo\AppData\Local\Google\Chrome\User Data\Default\File System\303 =>.SUP.Temporary.Chrome MOVED folder: C:\Windows\Installer\MSI6B1.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI9488.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI9758.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSI98E0.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSIBE99.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSIC149.tmp- =>.SUP.Empty MOVED folder: C:\Windows\Installer\MSIEEC6.tmp- =>.SUP.Empty ---\\ Registry ( Key, Value, Data) (8) DELETED key*: HKEY_USERS\S-1-5-21-2317215598-4247144937-2148942001-1001\SOFTWARE\App Host Service [] =>.SUP.SweetLabs DELETED key*: HKEY_USERS\S-1-5-21-2317215598-4247144937-2148942001-1001\SOFTWARE\SkillBrains [] =>.SUP.Skillbrains DELETED key**: HKCU\Software\App Host Service [] =>.SUP.SweetLabs DELETED key**: HKCU\Software\SkillBrains [] =>.SUP.Skillbrains DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service [SweetLabs for Lenovo] =>.SUP.SweetLabs DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Skillbrains [] =>.SUP.Skillbrains DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains] =>.SUP.Skillbrains DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Lightshot [0x040000000000000000000000] =>.SUP.Skillbrains ---\\ Summary of the elements found (7) 
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.SweetLabs https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.Adobe https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Office https://nicolascoolman.eu/2019/01/sup-skillbrains =>.SUP.Skillbrains https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome ---\\ Other deletions. (22) ~ Registry Keys Tracing deleted (22) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Opera Software) ~ The system has been restarted. ---\\ Statistics ~ Items scanned : 803 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 40813 ~ End of clean in 00h00mn55s ---\\ Reports (2) ZHPCleaner--17052019-20_48_01.txt ZHPCleaner-[R]-17052019-20_50_52.txt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:52:02, on 17/05/2019 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.17763.0001) Boot mode: Normal Running processes: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe C:\Users\Murillo\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe C:\Program 
Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe C:\Users\Murillo\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?PC=LCTE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative 
Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Murillo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - 
Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: aapj.bb.com.br O15 - Trusted Zone: seg.bb.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: cloud.gastecnologia.com.br O17 - HKLM\System\CCS\Services\Tcpip\..\{8869f9f0-4a7b-4945-a2d6-b788ff2d9d1f}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common 
Files\Adobe\AdobeGCClient\AGMService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Serviço do Kaspersky Anti-Virus 19.0.0 (AVP19.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: Dolby DAX2 API Service - Dolby Laboratories, Inc. - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\elevation_service.exe O23 - Service: Conectividade do Windows para Gramblr. 
(gramblrclient) - Unknown owner - C:\Program Files\Gramblr\gramblr.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @oem25.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Intel Corporation - C:\Windows\IAStorAfsService\iaStorAfsService.exe O23 - Service: @oem30.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe O23 - Service: @oem5.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: klvssbridge64_19.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe O23 - Service: Serviço do Kaspersky Secure Connection 3.0.0 (KSDE3.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) 
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - 
Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14488 bytes
  19. Yes, the interesting thing about this program is that you can update the SSD firmware straight from the manufacturer without any risk. My Kingston was having some small freezes; I updated the firmware and now it runs perfectly.
  20. I formatted my Windows 10 this weekend because it was getting slow, and that is when the headache started. I updated it fully through Windows Update, and now it allocates all my RAM as cache memory. As time passes it keeps allocating; for example, every second it allocates 30 MB. In the end I use the PC for an hour and it starts freezing because there is no RAM left to use. Note that I have 16 GB of RAM. Can someone shed some light on this? It's getting hard, lol.
  21. I can't import my contacts from Gmail into Outlook 2016. It reports that the file is open in another program, when in fact it isn't. Does anyone have a suggestion for solving this problem?
  22. Desative temporariamente seu Antivírus. Clique em esetsmartinstaller_enu.exe para baixar o ESET Smart Installer. Salve-o em seu Desktop (Área de Trabalho). Dê um duplo clique no seu ícone no Desktop. Marque "YES, I accept the Terms of Use." Clique em Start. Aceite qualquer Aviso de Segurança de seu Navegador Marque as Opções abaixo: Enable detection of potencially unwanted applications. Clique em Hide advanced settings e marque: Remove found threats Scan archives Scan for potentially unsafe applications Enable Anti-Stealth technology Clique Change e marque também a caixa Computador. Clique em Start. Ele vai atualizar por conta própria, e escanear o Computador. Tenha paciência, o processo pode demorar horas. Quando o Scan terminar, clique em List Threats. Clique em Export to text file e salve o Log na sua Área de Trabalho. Copie e cole o conteúdo em sua próxima resposta. Obs: Se nada for encontrado, nenhum Log será gerado. Clique em Back. Clique em Finish. Informe a situação atual do PC.
  23. Here it is: Malwarebytes LOG Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 17/05/2019 Hora da análise: 18:00 Arquivo de registro: c3bced38-78e6-11e9-afc2-000500a0c7d9.json -Informação do software- Versão: 3.7.1.2839 Versão de componentes: 1.0.586 Versão do pacote de definições: 1.0.10648 Licença: Gratuita -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x64 Sistema de arquivos: NTFS Usuário: RafaelNEWRBF-PC\Rafael NEWRBF -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 253692 Ameaças detectadas: 0 Ameaças em quarentena: 0 Tempo decorrido: 2 min, 26 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 0 HijackThis LOG Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:28:05, on 17/05/2019 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19301) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\scpbrad\scpbradguard.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Users\Rafael NEWRBF\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common 
Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII3E.EXE /EPT "EPLTarget\P0000000000000000" /M "L110 Series" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Rafael NEWRBF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rafael NEWRBF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Rafael NEWRBF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rafael NEWRBF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files 
(x86)\common files\microsoft shared\Windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. 
- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: 
@%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Banco Bradesco S.A. - C:\Program Files (x86)\scpbrad\scpbradserv.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - 
C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10602 bytes
  24. Hi everyone, my recently purchased and installed SSD showed a disk error today. I received an "important error" through the notification center asking me to restart the system and fix the disk error. This SSD has Windows 10 installed from scratch with just a few programs on it. It turns out that on restart the system says it "could not repair automatically", and every time I boot it runs chkdsk, always showing the same message. I ran chkdsk from CMD and it reported an error (which I did not copy). I ran it with the /f parameter to fix it and restarted. Now it says there are no errors. But Kingston's SSD Manager shows a drop in the disk's health: Is there any procedure I can carry out to repair this? How do I stop the system from running chkdsk on every restart? Regards.
  25. Download Malwarebytes Anti-Malware (MBAM) and save or print these instructions: Run mbam-setup.exe to install the program. Uncheck the box Enable free trial of MalwareBytes Anti-Malware PRO (if present). Make sure the boxes Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware are checked. Then click Finish. If there are updates to be applied, they will be downloaded and installed. In Settings, click Protection and, if it is disabled, check Scan for Rootkits. Under Potential threat protection, select Treat PUPs and PUMs as Malware (recommended). Click Scan, then Threat Scan, and finally click Start Scan. The scan will then begin. Wait, as it may take a while. When the scan finishes, if any items were found, click the Export Summary -> Text file (*.txt) button and save it to your Desktop; if the disinfection log is not saved, you will find it there. Click Apply Actions or, if that is not available, click Send to quarantine. At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. The log is saved automatically by MBAM, and you can view it by clicking the Reports -> Scan reports tab in the program's main window after the disinfection has been carried out. DO NOT USE THE .XML FILE FORMAT TO SAVE THE LOG. Select, copy and paste the entire contents of the disinfection log saved by MBAM into your next reply, along with a new HijackThis log. NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.
  26. Temporarily disable your antivirus. Download ZHPCleaner and save it to the Desktop. Windows 7, 8, 8.1 or 10 users: right-click the program's icon and select Double-click ZHPCleaner.exe. Click the Scanner button. The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to examine. When the scan finishes, click the Repair button. Once the operation is complete, a log will open. If that does not happen, click the Report button and save the log. Select, copy and paste the contents of this log into your next reply, plus a new HijackThis log.
  27. ZHP LOG ~ ZHPCleaner v2019.5.15.65 by Nicolas Coolman (2019/05/15) ~ Run by Rafael NEWRBF (Administrator) (17/05/2019 17:02:38) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\Rafael NEWRBF\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\Rafael NEWRBF\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) ---\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. (ADS) ---\ Services (0) ~ No malicious or unnecessary items found. (Service) ---\ Browser internet (0) ~ No malicious or unnecessary items found. (Browser) ---\ Hosts file (1) ~ The hosts file is legitimate (21) ---\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. (Task) ---\ Explorer ( File, Folder) (11) ---\ Registry ( Key, Value, Data) (4) ---\ Summary of the elements found (6) ---\ Other deletions. (10) ~ Registry Keys Tracing deleted (10) ~ Remove the old reports ZHPCleaner. 
(0) ---\ Result of repair ~ Repair carried out successfully ~ Browser not found (Opera Software) ---\ Statistics ~ Items scanned : 1142 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 0 ~ End of clean in 00h01mn16s ---\ Reports (2) ZHPCleaner-[S]-17052019-16_56_39.txt ZHPCleaner-[R]-17052019-17_03_54.txt HijackThis LOG Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:08:41, on 17/05/2019 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19301) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\scpbrad\scpbradguard.exe C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe C:\Users\Rafael NEWRBF\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" 
--showwindow=false --onOSstartup=true O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII3E.EXE /EPT "EPLTarget\P0000000000000000" /M "L110 Series" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Rafael NEWRBF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rafael NEWRBF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Rafael NEWRBF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rafael NEWRBF\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program 
files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AdobeUpdateService - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. 
- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: 
@%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Banco Bradesco S.A. - C:\Program Files (x86)\scpbrad\scpbradserv.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - 
C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11681 bytes