Ir para conteúdo

BABOO e KTS 2018 no YouTube Loja online do BABOO

Daegin

Participante
  • Postagens

    77
  • Desde

  • Última visita

  1. Log hjackthis

    Boa Noite Mt Million. Obrigado pela ajuda. Att, Rodrigo
  2. Log hjackthis

    Boa Tarde Mr. Million Segue o log do Zoek Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by Rodrigo on 02/04/2017 at 13:38:03,59. Microsoft Windows 10 Pro 10.0.14393 x64 Running in: Safe Mode MINIMAL No Internet Access Detected Launched: C:\Users\Rodrigo\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2017-03-31-013956.log 3509 bytes ==== System Restore Info ====================== ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Empty Folders Check ====================== C:\Users\Rodrigo\AppData\Local\PeerDistRepub deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\0spow2bg.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Added to C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\0spow2bg.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\0spow2bg.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\0spow2bg.default - Undetermined - %ProfilePath%\extensions\abs@avira.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\0spow2bg.default 4F8BEFD732B87C2574EBCEEEDE3941A6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll - Shockwave Flash 3C39B899EB79C85746124ABF44B83587 - C:\Users\Rodrigo\AppData\Roaming\raidcall\plugins\nprcplugin.dll - Raidcall plugin ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions flliilndjeohchalpbbcdekjklbdgfkk - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bbjllphbppobebmjpjcijfbakobcheof - No path found[] Rapport - Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof Chrome Media Router - Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Rodrigo\Desktop\Action Replay PowerSaves 3DS.lnk - C:\Users\Rodrigo\Desktop\Assistente de Atualização do Windows 10.lnk - C:\Users\Rodrigo\Desktop\Astah Community.lnk - C:\Program Files (x86)\astah-community\astah-com.exe C:\Users\Rodrigo\Desktop\Counter-Strike 1.6.lnk - C:\Program Files (x86)\Counter-Strike 1.6\cstrike.exe C:\Users\Rodrigo\Desktop\CrossFire BR.lnk - C:\Program Files (x86)\Z8Games\CrossFire BR\cfPT_launcher.exe C:\Users\Rodrigo\Desktop\Infestation World.lnk - C:\Program Files (x86)\Electronics Extreme\InfestationWorld\WarZlauncher.exe C:\Users\Rodrigo\Desktop\MPC-HC x64.lnk - C:\Program Files\MPC-HC\mpc-hc64.exe C:\Users\Rodrigo\Desktop\Perfect World.lnk - C:\Level Up\Perfect World\launcher\Launcher.exe C:\Users\Rodrigo\Desktop\Photoshop.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe C:\Users\Rodrigo\Desktop\PwHits Sky (Atualizar).lnk - C:\Level Up\Perfect World\launcher\Launcher.exe C:\Users\Rodrigo\Desktop\PwHits Sky (Jogar).lnk - C:\Level Up\Perfect World\element\elementclient.exe C:\Users\Rodrigo\Desktop\RaidCall.lnk - C:\Program Files (x86)\RaidCall\raidcall.exe C:\Users\Rodrigo\Desktop\Spotify.lnk - C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe C:\Users\Rodrigo\Desktop\TeamSpeak 3 Client.lnk - C:\Users\Rodrigo\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe C:\Users\Rodrigo\Desktop\Uplay.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe C:\Users\Rodrigo\Desktop\Vegas Pro 13.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\vegas130.exe C:\Users\Rodrigo\Desktop\µTorrent.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\ASUS Boot Setting 1.00.18.lnk - C:\Program Files (x86)\ASUS\ASUS Boot Setting\fastboot.exe C:\Users\Public\Desktop\Avira Connect.lnk - C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe /showMiniGui C:\Users\Public\Desktop\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe C:\Users\Public\Desktop\Battlefield 4.lnk - C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe C:\Users\Public\Desktop\Blade & Soul.lnk - C:\Program Files (x86)\NCWest\NCLauncher\NCLauncher.exe /LauncherID:"NCWest" /CompanyID:"12" /GameID:"BnS" /LUpdateAddr:"updater.nclauncher.ncsoft.com" C:\Users\Public\Desktop\BlueStacks.lnk - C:\ProgramData\Bluestacks\BluestacksGameManager\BlueStacks.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk - c:\Windows\Installer\{1253ED86-69FD-4A7B-BDF2-96A522583A88}\NewShortcut8_65BCA6E0337A452DA55C0654EAAD7A0B.exe C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X8\Connect64\Connect.exe C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X8\Programs64\FontManager.exe C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk - c:\Windows\Installer\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}\NewShortcut2_EBB51BFEE10948A888CB7ADF96E8EC80.exe C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk - c:\Windows\Installer\{A66E09BB-9892-421D-9EB9-311D12AA5244}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe C:\Users\Public\Desktop\Driver Easy.lnk - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe C:\Users\Public\Desktop\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Line Of Sight.lnk - C:\Level Up\LineOfSight\LSGame_Patcher.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Nero 2016.lnk - C:\Windows\Installer\{EF0BA418-AF37-471E-9594-EAE5913F4681}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe C:\Users\Public\Desktop\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk - C:\Program Files (x86)\PCSX2 1.2.1\pcsx2-r5875.exe C:\Users\Public\Desktop\PCSX2 1.4.0.lnk - C:\Program Files (x86)\PCSX2 1.4.0\pcsx2.exe C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk - C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe C:\Users\Public\Desktop\Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk - ==== shortcuts in Users Start Menu ====================== C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Counter-Strike 1.6.lnk - C:\Program Files (x86)\Counter-Strike 1.6\cstrike.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Dedicated Server.lnk - C:\Program Files (x86)\Counter-Strike 1.6\hlds.exe -nomaster -game cstrike -insecure C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6\Uninstall Counter-Strike 1.6.lnk - C:\Program Files (x86)\Counter-Strike 1.6\Uninstal.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Connect.lnk - C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe /showMiniGui C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\antivírus\Ajuda do Avira antivírus.lnk - C:\Program Files (x86)\Avira\antivírus\57\avwin.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\antivírus\Avira na Internet.lnk - C:\Program Files (x86)\Avira\antivírus\weblink.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\antivírus\Iniciar Avira antivírus.lnk - C:\Program Files (x86)\Avira\antivírus\avcenter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Corel CAPTURE X8 (64-Bit).lnk - c:\Windows\Installer\{1253ED86-69FD-4A7B-BDF2-96A522583A88}\NewShortcut8_65BCA6E0337A452DA55C0654EAAD7A0B.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Corel CONNECT X8 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X8\Connect64\Connect.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Corel Font Manager X8 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X8\Programs64\FontManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Corel PHOTO-PAINT X8 (64-Bit).lnk - c:\Windows\Installer\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}\NewShortcut2_EBB51BFEE10948A888CB7ADF96E8EC80.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\CorelDRAW X8 (64-Bit).lnk - c:\Windows\Installer\{A66E09BB-9892-421D-9EB9-311D12AA5244}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Duplexing Wizard (64-Bit).lnk - c:\Windows\Installer\{A66E09BB-9892-421D-9EB9-311D12AA5244}\NewShortcut10_BB562587DB944A668ECBA27E6BFD871C.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)\Video Tutorials X8 (64-Bit).lnk - C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X8\VideoBrowser64\VideoBrowser.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Desinstalar Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk - C:\Program Files\KMSpico\AutoPico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk - C:\Program Files\KMSpico\KMSELDI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk - C:\Program Files\KMSpico\scripts\Log.cmd C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk - C:\Program Files\KMSpico\UninsHs.exe /u0=KMSpico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /i {89E5827E-EAE7-47F2-A57F-52D92C671983} REMOVE=ALL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mediatek Wireless\Mediatek Wireless Utility.lnk - C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe -s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mediatek Wireless\Uninstall - RT2870.lnk - C:\Program Files (x86)\InstallShield Installation Information\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}\setup.exe -runfromtemp -removeonly C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2\Frequently Asked Questions.lnk - C:\Program Files (x86)\PCSX2 1.2.1\Docs\PCSX2_FAQ.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2\PCSX2 1.2.1 (r5875).lnk - C:\Program Files (x86)\PCSX2 1.2.1\pcsx2-r5875.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2\Readme.lnk - C:\Program Files (x86)\PCSX2 1.2.1\Docs\PCSX2_Readme.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2\Uninstall PCSX2 1.2.1 (r5875).lnk - C:\Program Files (x86)\PCSX2 1.2.1\Uninst-pcsx2-r5875.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer\Console do Trusteer Endpoint Protection.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer\Encerrar Trusteer Endpoint Protection.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteção de Terminal Trusteer\Iniciar Trusteer Endpoint Protection.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Mediatek Wireless Utility.lnk - C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe -s ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Astah Community.lnk - C:\Program Files\astah-community\astah-com.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE /recycle C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CorelDRAW X8 (64-Bit).lnk - c:\Windows\Installer\{A66E09BB-9892-421D-9EB9-311D12AA5244}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Photoshop.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sleep Timer.lnk - C:\Users\Rodrigo\Desktop\Fotos Backup\HD EXTERNO\Salvar\Progamas\SleepTimer.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Vegas Pro 13.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\vegas130.exe C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OSPPSVC.EXE deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrador\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rodrigo\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rodrigo\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Administrador\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Rodrigo\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Rodrigo\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Rodrigo\AppData\Local\Mozilla\Firefox\Profiles\0spow2bg.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=68 folders=66 54786680 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Rodrigo\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\Bonjour" not found ==== EOF on 02/04/2017 at 14:05:54,79 ====================== Log Hjack Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:08:23, on 02/04/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0953) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe C:\Program Files (x86)\Avira\antivírus\avgnt.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Windows\syswow64\backgroundTaskHost.exe C:\Users\Rodrigo\Downloads\HijackThis.exe C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\antivírus\avgnt.exe" /min O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Rodrigo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [DIMBaixando a sua atualização...1464359625886] "C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\DIM.EXE" "c:\programdata\corel\downloads\540238885_807001\1464359625886\dim_params.xml" -Launch=3 -uibase="c:\users\rodrigo\appdata\roaming\corel\messages\540238885_807001\br\messagecache1\workflow" O4 - Global Startup: Mediatek Wireless Utility.lnk = C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe O4 - Global Startup: Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\bonjour\mdnsnsp.dll' missing O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avmailc7.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avwebg7.exe O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files (x86)\Bonjour\mDNSResponder.exe (file missing) O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMS-R@1n - Unknown owner - C:\Windows\KMS-R@1n.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe O23 - Service: MediatekRegistryWriter - Mediatek Inc. - C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe O23 - Service: MediatekRegistryWriter64 - Mediatek Inc. - C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Ralink - C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13916 bytes Obrigado
  3. Log hjackthis

    Boa Noite Mr Million, Deixei o ZOEK rodando 2 dias com minha maquina ligada ele nunca termina.. Tem algo para fazer ? Obrigado att
  4. Log hjackthis

    Boa Noite, Segue log do JRT Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by Rodrigo on 30/03/2017 at 21:12:54,26. Microsoft Windows 10 Pro 10.0.14393 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Rodrigo\Downloads\zoek.exe [Scan all users] [Script inserted] ===== Runcheck 21:14:36,32 ===== --- Create Environment Variables 21:14:44,13 --- Create System Restore Point 21:15:39,65 --- Checking Input 21:16:30,13 --- Reset Hosts File 21:17:03,79 --- AU AppData Check 21:17:06,27 --- Remove From Windows Installer 21:17:28,68 lOG Hjack Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:23:59, on 30/03/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0953) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Avira\antivírus\avgnt.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\Steam\bin\cef\cef.Windows 7\steamwebhelper.exe C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Rodrigo\Downloads\HijackThis.exe C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\antivírus\avgnt.exe" /min O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Rodrigo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [DIMBaixando a sua atualização...1464359625886] "C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\DIM.EXE" "c:\programdata\corel\downloads\540238885_807001\1464359625886\dim_params.xml" -Launch=3 -uibase="c:\users\rodrigo\appdata\roaming\corel\messages\540238885_807001\br\messagecache2\workflow" O4 - Global Startup: Mediatek Wireless Utility.lnk = C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe O4 - Global Startup: Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avmailc7.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avwebg7.exe O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMS-R@1n - Unknown owner - C:\Windows\KMS-R@1n.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe O23 - Service: MediatekRegistryWriter - Mediatek Inc. - C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe O23 - Service: MediatekRegistryWriter64 - Mediatek Inc. - C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Ralink - C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13947 bytes Obrigado att,
  5. Log hjackthis

    Boa Noite Mr Million, Segue resultado do JRT em Modo de Segurança ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.2 (03.10.2017) Operating System: Windows 10 Pro x64 Ran by Rodrigo (Limited) on 29/03/2017 at 19:58:46,42 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 29/03/2017 at 19:59:47,39 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Obrigado att,
  6. Log hjackthis

    Boa Noite, O LOG do JRT saiu em branco, Segue os outros 2 logs ADW # AdwCleaner v6.045 - Relatório criado 28/03/2017 às 23:54:50 # Atualizado em 28/03/2017 por Malwarebytes # Banco de dados : 2017-03-28.2 [Servidor] # Sistema operacional : Windows 10 Pro (X64) # Usuário : Rodrigo - RODRIGO-PC # Executando de : C:\Users\Rodrigo\Downloads\adwcleaner_6.045.exe # Modo: Limpo # Apoio : https://www.malwarebytes.com/support ***** [ Serviços ] ***** ***** [ Pastas ] ***** [-] Pasta excluída:C:\Users\Public\Documents\Guid ***** [ Arquivos ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Atalhos ] ***** ***** [ Atividades agendadas ] ***** ***** [ Registro ] ***** [-] Chave excluída:[x64] HKLM\SOFTWARE\DtsEncodeTools [-] Chave excluída:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\br.hao123.com [-] Chave excluída:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com [-] Chave excluída:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\br.hao123.com [-] Chave excluída:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com [#] Chave excluída na reinicialização:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\br.hao123.com [#] Chave excluída na reinicialização:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com [#] Chave excluída na reinicialização:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\br.hao123.com [#] Chave excluída na reinicialização:[x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com ***** [ Verificando navegadores ... ] ***** [-] [C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Eliminado:br.ask.com [-] [C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Eliminado:hxxp://mysearch.avg.com?cid={4C9D2325-383D-4F13-924F-F7BE6D207AC9}&mid=2d5aaa3ae4b947d29dc665ff303ac303-8450e33b5be75868b836eaf6d9ab6a8d5dcf234e&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-21 10:01:34&v=18.1.0.443&pid=safeguard&sg=&sap=hp [-] [C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Eliminado:hxxp://mysearch.avg.com?cid={4C9D2325-383D-4F13-924F-F7BE6D207AC9}&mid=2d5aaa3ae4b947d29dc665ff303ac303-8450e33b5be75868b836eaf6d9ab6a8d5dcf234e&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-21 10:01:34&v=18.1.7.598&pid=safeguard&sg=&sap=hp [-] [C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Eliminado:hxxp://br.hao123.com/?tn=sdkb_inner_hp_02_hao123_br [-] [C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Eliminado:hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=e3511493dcdf05b26b748ab595d42645 [-] [C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default] [extension] Eliminado:mkndcbhcgphcfkkddanakjiepeknbgle [-] [C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default] [homepage] Eliminado:hxxp://mysearch.avg.com?cid={4C9D2325-383D-4F13-924F-F7BE6D207AC9}&mid=2d5aaa3ae4b947d29dc665ff303ac303-8450e33b5be75868b836eaf6d9ab6a8d5dcf234e&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-06-21 10:01:34&v=18.1.0.443&pid=safeguard&sg=&sap=hp ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [4333 Bytes] - [28/03/2017 23:54:50] C:\AdwCleaner\AdwCleaner[S0].txt - [4314 Bytes] - [28/03/2017 23:54:20] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4479 Bytes] ########## HJACK Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:09:14, on 29/03/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0953) Boot mode: Normal Running processes: C:\Program Files (x86)\Avira\antivírus\avgnt.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Rodrigo\Downloads\HijackThis.exe C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\antivírus\avgnt.exe" /min O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Rodrigo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [DIMBaixando a sua atualização...1464359625886] "C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\DIM.EXE" "c:\programdata\corel\downloads\540238885_807001\1464359625886\dim_params.xml" -Launch=3 -uibase="c:\users\rodrigo\appdata\roaming\corel\messages\540238885_807001\br\messagecache2\workflow" O4 - Global Startup: Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avmailc7.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avwebg7.exe O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMS-R@1n - Unknown owner - C:\Windows\KMS-R@1n.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13052 bytes Obrigado
  7. Log hjackthis

    Boa Noite Mr. Million, Segue novos logs. Malwarebytes Anti-Malware www.malwarebytes.org Data da verificação: 28/03/2017 Hora da verificação: 20:06 Arquivo de registro: Log Malware.txt Administrador: Sim Versão: 2.2.1.1043 Banco de dados de malware: v2017.03.28.07 Banco de dados de rootkit: v2017.03.11.01 Licença: Gratuita Proteção contra malware: Desabilitado Proteção contra website malicioso: Desabilitado Autoproteção: Desabilitado Sistema operacional: Windows 10 CPU: x64 Sistema de arquivos: NTFS Usuário: Rodrigo Tipo de verificação: Verificação da ameaça Resultado: Concluído Objetos verificados: 439633 Tempo decorrido: 1 hr, 8 min, 48 seg Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de registro: 0 (Nenhum item malicioso detectado) Valores de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 0 (Nenhum item malicioso detectado) Setores físicos: 0 (Nenhum item malicioso detectado) (end) Hjack Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:38:44, on 28/03/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0953) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Avira\antivírus\avgnt.exe C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\Users\Rodrigo\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\antivírus\avgnt.exe" /min O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Rodrigo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [DIMBaixando a sua atualização...1464359625886] "C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\DIM.EXE" "c:\programdata\corel\downloads\540238885_807001\1464359625886\dim_params.xml" -Launch=3 -uibase="c:\users\rodrigo\appdata\roaming\corel\messages\540238885_807001\br\messagecache2\workflow" O4 - Global Startup: Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avmailc7.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avwebg7.exe O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMS-R@1n - Unknown owner - C:\Windows\KMS-R@1n.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13073 bytes Obrigado
  8. Log hjackthis

    Boa Noite. Estou com meu computador um pouco lento, e as vezes ele trava utilizando o programa Corel Drawn, ou jogando ele congela. Poderiam me ajudar no analisando o log. Log HjackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:52:22, on 28/03/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0953) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Avira\antivírus\avgnt.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Rodrigo\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\antivírus\avgnt.exe" /min O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Rodrigo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [DIMBaixando a sua atualização...1464359625886] "c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Draw\DIM.exe" "c:\programdata\corel\downloads\540238885_807001\1464359625886\dim_params.xml" -Launch=3 -uibase="c:\users\rodrigo\appdata\roaming\corel\messages\540238885_807001\br\messagecache2\workflow" O4 - Global Startup: Utilitário de Configuração de Rede Sem Fios TP-LINK.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avmailc7.exe O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\antivírus\avwebg7.exe O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMS-R@1n - Unknown owner - C:\Windows\KMS-R@1n.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13114 bytes Obrigado
  9. Boa Noite Mr Million, Mesmo se este computador for para uso dentro de minha própria empresa ? Se for o caso também peço desculpas.. pensei que poderia por ser de uso meu mesmo. Obrigado att
  10. Boa Noite Mr Milion, Não é usado não, apenas usado com pdv em uma loja. Então tem o sistema de vendas e o Sistema da impressora Fiscal. Obrigado att
  11. Boa Noite, Segue o Log do Malware Bytes Malwarebytes Anti-Malware www.malwarebytes.org Data da verificação: 19/03/2017 Hora da verificação: 18:48 Arquivo de registro: MLB-LOG MALWARE.txt Administrador: Sim Versão: 2.2.1.1043 Banco de dados de malware: v2017.03.19.06 Banco de dados de rootkit: v2017.03.11.01 Licença: Gratuita Proteção contra malware: Desabilitado Proteção contra website malicioso: Desabilitado Autoproteção: Desabilitado Sistema operacional: Windows 7 Service Pack 1 CPU: x64 Sistema de arquivos: NTFS Usuário: casa Tipo de verificação: Verificação da ameaça Resultado: Concluído Objetos verificados: 290980 Tempo decorrido: 10 min, 24 seg Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Desabilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de registro: 0 (Nenhum item malicioso detectado) Valores de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 0 (Nenhum item malicioso detectado) Setores físicos: 0 (Nenhum item malicioso detectado) (end) Novo Log HJackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:58:50, on 19/03/2017 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17801) Boot mode: Safe mode with network support Running processes: C:\Program Files\AVAST Software\Avast\wsc_proxy.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\AVAST Software\Avast\wsc_proxy.exe C:\Users\casa\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AutoUpdate] C:\Program Files (x86)\InfoPet\autoUpdate.exe O4 - HKLM\..\Run: [SuspendSleep] C:\Program Files (x86)\InfoPet\suspendsleep.exe O4 - HKLM\..\Run: [MarketUP Desktop] "C:\Program Files (x86)\MarketUP\MarketUP Desktop\MarketUPDesktop.exe" /autostart O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" O4 - HKCU\..\Run: [BingSvc] C:\Users\casa\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Chromium] "c:\users\casa\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mongoose - Unknown owner - C:\Program Files (x86)\InfoPet\Mongoose.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: pgsql - PostgreSQL Global Development Group - C:\Program Files (x86)\InfoPet\Pgsql\bin\pg_ctl.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8027 bytes Obrigado att
  12. Boa noite, Por favor me ajudar estou com Vírus que abre novas páginas sozinhos e páginas estranhas Segue log do HJackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:22:40, on 19/03/2017 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17801) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Users\casa\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files (x86)\InfoPet\suspendSleep.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\casa\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=sv1&uid=S1G2J50QC01162_SAMSUNGHD322HJ&tm=1489841038 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.123rede.com?oem=sv1&uid=S1G2J50QC01162_SAMSUNGHD322HJ&tm=1489841038 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AutoUpdate] C:\Program Files (x86)\InfoPet\autoUpdate.exe O4 - HKLM\..\Run: [SuspendSleep] C:\Program Files (x86)\InfoPet\suspendsleep.exe O4 - HKLM\..\Run: [MarketUP Desktop] "C:\Program Files (x86)\MarketUP\MarketUP Desktop\MarketUPDesktop.exe" /autostart O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKCU\..\Run: [BingSvc] C:\Users\casa\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Chromium] "c:\users\casa\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mongoose - Unknown owner - C:\Program Files (x86)\InfoPet\Mongoose.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: pgsql - PostgreSQL Global Development Group - C:\Program Files (x86)\InfoPet\Pgsql\bin\pg_ctl.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7590 bytes Obrigado att
  13. Está melhor, parece que parou de avisar de vírus.. esta carregando mais rápido..^^ vlws cara^^
  14. Boa Tarde, segue os logs zoek Zoek.exe Version 5.0.0.0 Updated 09-December-2015 Tool run by Rodrigo on 12/12/2015 at 14:40:37,59. Microsoft Windows 10 Home Single Language 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Rodrigo\Desktop\zoek.exe [scan all users] [script inserted] ===== Runcheck 14:48:33,40 ===== --- Create Environment Variables 14:48:36,09 --- Create System Restore Point 14:48:50,68 --- Checking Input 14:48:56,75 --- Reset Hosts File 14:49:51,79 --- AU AppData Check 14:49:52,66 --- Remove From Windows Installer 14:50:01,11 --- Empty Folders Check 14:53:37,59 --- Registry HKLM Software Check 14:53:37,75 --- Quick Launch Shortcut Check 14:54:13,98 --- IE Startpage Check 14:54:26,66 --- Program Files DB Check 14:55:10,43 --- C:\Users\Default\AppData DB Check 14:56:41,32 --- C:\Users\Default.migrated\AppData DB Check 14:56:41,32 --- C:\Users\Rodrigo\AppData DB Check 14:56:41,32 --- C:\WINDOWS\SysNative\config\systemprofile\AppData DB Check 14:56:41,32 --- C:\WINDOWS\sysWoW64\config\systemprofile\AppData DB Check 14:56:41,32 --- C:\WINDOWS\serviceprofiles\networkservice\AppData DB Check 14:56:41,32 --- C:\WINDOWS\serviceprofiles\Localservice\AppData DB Check 14:56:41,32 --- C:\Users\Rodrigo DB Check 15:01:30,23 --- C:\PROGRA~3 DB Check 15:02:15,48 --- C:\Users\Default\AppData\Local DB Check 15:02:46,34 --- C:\Users\Default User\AppData\Local DB Check 15:02:46,34 --- C:\Users\Default.migrated\AppData\Local DB Check 15:02:46,34 --- C:\Users\Rodrigo\AppData\Local DB Check 15:02:46,34 --- C:\Users\USURIO~1\AppData\Local DB Check 15:02:46,34 --- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local DB Check 15:02:46,34 --- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local DB Check 15:02:46,34 --- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local DB Check 15:02:46,34 --- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local DB Check 15:02:46,34 --- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 15:06:57,93 --- C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 15:07:19,24 --- Tasks DB Check 15:07:32,48 --- C:\Users\Rodrigo\AppData\LocalLow DB Check 15:07:41,87 --- C:\WINDOWS\SysNative\config\systemprofile\AppData\LocalLow DB Check 15:07:41,87 --- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 15:07:41,87 --- C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow DB Check 15:07:41,87 --- C:\WINDOWS\serviceprofiles\Localservice\AppData\LocalLow DB Check 15:07:41,87 --- Tasks2 DB Check 15:09:26,13 --- Documents DB Check 15:10:42,67 --- Documents2 DB Check 15:11:09,85 --- C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\y8jsiyss.default DB Check 15:11:15,09 --- C:\Users\Public\Desktop DB Check 15:11:20,94 HjackLogfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:12:32, on 12/12/2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10240.16603) Boot mode: Normal Running processes: C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE C:\Program Files (x86)\Samsung\Side Sync\SideSync.exe C:\Program Files (x86)\Samsung\Side Sync\adb.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Rodrigo\Desktop\Backup\Programas Limpeza\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [uTorrent] "C:\Users\Rodrigo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Rodrigo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [spotify] "C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\RunOnce: [uninstall C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Enviar para o Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Enviar para o Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Enviar para o Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (file missing) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: Firewall do AVG (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mobizen plugin - Rsupport Corporation - C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE O23 - Service: OracleXEClrAgent - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe O23 - Service: OracleXETNSListener - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe O23 - Service: Intel® System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15751 bytes a Desculpe segue o log do zoek Zoek.exe Version 5.0.0.0 Updated 09-December-2015 Tool run by Rodrigo on 12/12/2015 at 14:40:37,59. Microsoft Windows 10 Home Single Language 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Rodrigo\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2015-08-14-020226.log 33331 bytes C:\zoek-results2015-08-14-023955.log 6139 bytes ==== System Restore Info ====================== 12/12/2015 14:48:55 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\Cisco deleted successfully C:\PROGRA~2\UPCleaner deleted successfully C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully C:\PROGRA~2\COMMON~1\Merge Modules deleted successfully C:\Program Files\Common Files\AV deleted successfully C:\Program Files\Common Files\Diskeeper Corporation deleted successfully C:\Program Files\Common Files\Intel deleted successfully C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\Condusiv Technologies deleted successfully C:\Users\Rodrigo\AppData\Local\Dxtory Software deleted successfully C:\Users\Rodrigo\AppData\Local\EmieSiteList deleted successfully C:\Users\Rodrigo\AppData\Local\EmieUserList deleted successfully C:\Users\Rodrigo\AppData\Local\NetworkTiles deleted successfully C:\Users\Rodrigo\AppData\Local\Opera Software deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\y8jsiyss.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); Added to C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\y8jsiyss.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Cisco not found C:\PROGRA~2\UPCleaner not found C:\windows\SysNative\Tasks\1215avtUpdateInfo deleted C:\Users\Rodrigo\.android deleted C:\WINDOWS\sysWoW64\config\systemprofile\.android deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted "C:\Users\Rodrigo\AppData\Roaming\MPC-HC" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\y8jsiyss.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Rodrigo\AppData\Roaming\Mozilla\Firefox\Profiles\y8jsiyss.default 5DF56521E8985BFD8F21A3D97A4D4574 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll - Shockwave Flash ==== Chromium Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== Nothing found to reset ==== shortcuts on Users Desktops ====================== C:\Users\Rodrigo\Desktop\AMD Gaming Evolved.lnk - C:\Program Files (x86)\Raptr\raptrstub.exe C:\Users\Rodrigo\Desktop\Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe C:\Users\Rodrigo\Desktop\Launcher - Atalho.lnk - C:\Level up\Perfect World - Copia\launcher\Launcher.exe C:\Users\Rodrigo\Desktop\MPC-HC x64.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc64.exe C:\Users\Rodrigo\Desktop\MPC-HC.lnk - C:\Program Files (x86)\MPC-HC\mpc-hc.exe C:\Users\Rodrigo\Desktop\Photoshop - Atalho.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe C:\Users\Rodrigo\Desktop\Secure Download Manager.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Installer\{F0858165-B8DB-4347-89B8-6D9F882B9BF3}\_7B8B8E43C6C5DC2875B164.exe C:\Users\Rodrigo\Desktop\Spotify.lnk - C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe C:\Users\Rodrigo\Desktop\TeamSpeak 3 Client.lnk - C:\Users\Rodrigo\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe C:\Users\Rodrigo\Desktop\UltraISO.lnk - C:\Program Files (x86)\UltraISO\UltraISO.exe C:\Users\Rodrigo\Desktop\Uplay.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe C:\Users\Rodrigo\Desktop\µTorrent.lnk - C:\Users\Rodrigo\Desktop\Monografia\Backup Pam\Documentos\Facul_Pam\Semestre_Concluídos\8º Semestre\Jonas - Lab. Microproc\MPLAB IDE v8.50.lnk - C:\Users\Rodrigo\Desktop\Monografia\Backup Pam\Documentos\Facul_Pam\Semestre_Concluídos\8º Semestre\Jonas - Lab. Microproc\PicsimLab_0_5_0.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Application Manager.lnk - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Users\Public\Desktop\Balsamiq Mockups.lnk - C:\Program Files (x86)\Balsamiq Mockups\Balsamiq Mockups.exe C:\Users\Public\Desktop\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Hearthstone.lnk - C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\Mobizen.lnk - C:\Program Files (x86)\RSUPPORT\Mobizen\Mobizen.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\NetBeans IDE 8.0.2.lnk - C:\Program Files (x86)\NetBeans 8.0.2\bin\netbeans64.exe C:\Users\Public\Desktop\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe C:\Users\Public\Desktop\STAR WARS Battlefront Beta.lnk - C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe C:\Users\Public\Desktop\TeamViewer 10.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level up\Perfect World\Perfect World.lnk - C:\Level up\Perfect World\launcher\Launcher.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk - C:\Users\Rodrigo\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk - C:\Users\Rodrigo\AppData\Local\TeamSpeak 3 Client\Uninstall.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk - C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\Illustrator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS\Action Replay PowerSaves 3DS.lnk - C:\Program Files (x86)\Action Replay PowerSaves 3DS\PowerSaves3DS.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved\AMD Gaming Evolved.lnk - C:\Program Files (x86)\Raptr\raptrstub.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk - C:\Program Files (x86)\AMD\CNext\CNext\cnext.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4(64 bit).lnk - C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4.lnk - C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Contrato de Licença para Usuário Final da Battlefield 4.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Suporte Técnico.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files\Java\jre1.8.0_65\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files\Java\jre1.8.0_65\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Documentação de Referência.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files\Java\jdk1.8.0_51\bin\jmc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\accicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Enviar para o OneNote 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\joticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\xlicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\inficon.exe /design C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\inficon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\joticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\pptico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\pubs.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Database Compare 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Spreadsheet Compare 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\sscicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008\Ferramentas de Configuração\Central de Instalação do SQL Server (64 bits).lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012\Configuration Tools\SQL Server Installation Center (64-bit).lnk - C:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\SQLServer2012\x64\LandingPage.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSUPPORT\Mobizen\Mobizen.lnk - C:\Program Files (x86)\RSUPPORT\Mobizen\Mobizen.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSUPPORT\Mobizen\Uninstall Mobizen.lnk - C:\Windows\SysWOW64\msiexec.exe /x {BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront Beta\STAR WARS Battlefront Beta End User License Agreement.lnk - C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\Support\eula\en_US_eula.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront Beta\STAR WARS Battlefront Beta.lnk - C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront Beta\Technical Support.lnk - C:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\Support\EA Help\Technical Support.en_US.rtf ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\INTROSQL_POST_12.lnk - C:\Users\Rodrigo\Desktop\INTROSQL_POST_12.pdf C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows 8 Menu.lnk - C:\Program Files (x86)\Stardock\Start8\Start8.exe Metro C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Action Replay PowerSaves 3DS.lnk - C:\Program Files (x86)\Action Replay PowerSaves 3DS\PowerSaves3DS.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Excel 2013.lnk - C:\WINDOWS\Installer\{91150000-0011-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokemon Showdown.lnk - C:\Program Files (x86)\Pokemon Showdown\pokemonshowdown.exe C:\Users\Rodrigo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk - C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rodrigo\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rodrigo\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rodrigo\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Rodrigo\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Rodrigo\AppData\Local\Mozilla\Firefox\Profiles\y8jsiyss.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=316 folders=128 435733129 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Rodrigo\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 12/12/2015 at 15:27:45,58 ======================
  15. Boa Tarde, Segue logs, Hjack Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:45:52, on 12/12/2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10240.16603) Boot mode: Normal Running processes: C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Users\Rodrigo\Desktop\Backup\Programas Limpeza\HijackThis.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [uTorrent] "C:\Users\Rodrigo\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Rodrigo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [spotify] "C:\Users\Rodrigo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\RunOnce: [uninstall C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rodrigo\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Enviar para o Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Enviar para o Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Enviar para o Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (file missing) (HKCU) O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: Firewall do AVG (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mobizen plugin - Rsupport Corporation - C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE O23 - Service: OracleXEClrAgent - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe O23 - Service: OracleXETNSListener - Oracle Corporation - C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe O23 - Service: Intel® System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 15371 bytes JRT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.1 (11.24.2015) Operating System: Windows 10 Home Single Language x64 Ran by Rodrigo (Administrator) on 12/12/2015 at 13:38:44,64 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 3 Successfully deleted: C:\ProgramData\ammyy (Folder) Successfully deleted: C:\Users\Rodrigo\AppData\Roaming\speedrunnerslog.txt (File) Successfully deleted: C:\WINDOWS\SysWOW64\RENB503.tmp (File) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 12/12/2015 at 13:43:06,64 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ADW # AdwCleaner v5.024 - Relatório criado 12/12/2015 às 13:21:32 # Atualizado 07/12/2015 por Xplode # Banco de dados : 2015-12-12.1 [servidor] # Sistema operacional : Windows 10 Home Single Language (x64) # Usuário : Rodrigo - RODRIGO-PC # Executando de : C:\Users\Rodrigo\Desktop\AdwCleaner.exe # Opção : Limpar # Apoio : http://toolslib.net/forum ***** [ Serviços ] ***** [-] Serviço Excluído : Service KMSELDI ***** [ Pastas ] ***** [-] Pasta Excluído : C:\Program Files\kmspico [-] Pasta Excluído : C:\ProgramData\Avg_Update_1215avt [-] Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kmspico ***** [ Arquivos ] ***** ***** [ DLLs ] ***** ***** [ Atalhos ] ***** ***** [ Tarefas agendadas ] ***** ***** [ Registro ] ***** ***** [ Navegadores ] ***** ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [940 bytes] ##########
×