Conteúdo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Fundo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Desenho: Liso Onda Linha Retalho Madeira Rocha Couro Colméia Vertical Triângulo
Bem-vindo ao Fórum do BABOO!

Desde 2000 o Fórum do BABOO tem ajudado milhões de internautas de Windows a resolverem seus problemas e dúvidas, além de ajudar na remoção de vírus e malwares de seus computadores. Somos o único fórum brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows, então se você tem uma dúvida ou problema que nenhum outro fórum resolve, poste-a aqui pois o MVP Babooadora desafios!
  

O Fórum do BABOO também conta com a participação exclusiva do administrador da área de Segurança MVP Mr.Million que tem reconhecimento internacional da Microsoft pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Se o seu computador está infectado por algum vírus, ele te ajudará a removê-lo!
  

Nosso time de especialistas também inclui Patropi  Osvaldomp  Caze  Ciro-Mota  XERLOUCO ROUMS  Tatha que responderão suas dúvidas sobre diversos assuntos.
 

Participe da nossa comunidade! 

 

zezelto

Participante
  • Postagens

    32
  • Desde

  • Última visita

Sobre zezelto

Perfil

  • Escolaridade
    2º grau completo
  • Nível Profissional
    Autônomo
  • Estado
    Mato Grosso do Sul
  • Sexo
    masculino
  1. Segue logs para analise ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 10 Pro x64 Ran by ZEZELTO (Administrator) on 21/04/2017 at 19:57:25,65 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 21/04/2017 at 20:39:26,98 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v6.045 - Relatório criado 21/04/2017 às 19:08:23 # Atualizado em 28/03/2017 por Malwarebytes # Banco de dados : 2017-04-21.1 [Servidor] # Sistema operacional : Windows 10 Pro (X64) # Usuário : ZEZELTO - DESKTOP-RI07GG2 # Executando de : C:\Users\ZEZELTO\Desktop\AdwCleaner (3).exe # Modo: Limpo # Apoio : https://www.malwarebytes.com/support ***** [ Serviços ] ***** [-] Serviço excluído:YSearchUtilSvc [-] Serviço excluído:iFunSoftUpdaterSvc [-] Serviço excluído:Solvusoft Suite Service ***** [ Pastas ] ***** [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Local\slimware utilities inc [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Local\YSearchUtil [#] Pasta excluída na reinicialização:C:\Users\ZEZELTO\AppData\Local\SlimWare Utilities Inc [-] Pasta excluída:C:\Users\ZEZELTO\AppData\LocalLow\iFunSoft [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Roaming\PC faster [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Roaming\iFunSoft [-] Pasta excluída:C:\Program Files\Enigma Software Group [-] Pasta excluída:C:\ProgramData\Solvusoft [-] Pasta excluída:C:\ProgramData\BSD\DriverHive [-] Pasta excluída:C:\ProgramData\iFunSoft [-] Pasta excluída:C:\ProgramData\BSD [#] Pasta excluída na reinicialização:C:\ProgramData\BSD\DriverHiveEngine [-] Pasta excluída:C:\ProgramData\Zbshareware Lab [-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft [-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security [-] Pasta excluída:C:\Users\Public\Documents\Guid [-] Pasta excluída:C:\Program Files (x86)\Solvusoft [-] Pasta excluída:C:\Program Files (x86)\Yahoo!\yset [-] Pasta excluída:C:\Program Files (x86)\iFunSoft [-] Pasta excluída:C:\Program Files (x86)\USB Disk Security [-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft [-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil ***** [ Arquivos ] ***** [-] Arquivo excluído:C:\Users\ZEZELTO\Downloads\REGCLEANER.EXE [-] Arquivo excluído:C:\Users\ZEZELTO\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Atalhos ] ***** ***** [ Atividades agendadas ] ***** [-] Tarefa eliminada:DriverDoc Auto Start ***** [ Registro ] ***** [-] Chave excluída:HKU\S-1-5-21-259142593-962520523-2691621642-1001\Software\Solvusoft [-] Chave excluída:HKU\S-1-5-21-259142593-962520523-2691621642-1001\Software\BSD [#] Chave excluída na reinicialização:HKCU\Software\Solvusoft [#] Chave excluída na reinicialização:HKCU\Software\BSD [-] Chave excluída:HKLM\SOFTWARE\Trymedia Systems [-] Chave excluída:HKLM\SOFTWARE\BSD [-] Chave excluída:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet [#] Chave excluída na reinicialização:[x64] HKCU\Software\Solvusoft [#] Chave excluída na reinicialização:[x64] HKCU\Software\BSD [-] Chave excluída:[x64] HKLM\SOFTWARE\DtsEncodeTools [-] Chave excluída:HKLM\SOFTWARE\Classes\Installer\Features\0570A0D4430B8FD479ED621F12A22CFF [-] Chave excluída:HKLM\SOFTWARE\Classes\Installer\Products\0570A0D4430B8FD479ED621F12A22CFF [-] Chave excluída:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\Installer\Features\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\Installer\Products\0570A0D4430B8FD479ED621F12A22CFF ***** [ Verificando navegadores ... ] ***** [-] Preferências do Firefox limpas:"coupons.urls" - "[\"hxxps://i_spigjs_info.tlscdn.com/spig/javascript.js?hid=1&channel=FF\",\"hxxps://i_spigtrdpjs_info.tlscdn.com/spigtr/javascript.js?hid=1&channel=FF\"]" [-] [C:\Users\ZEZELTO\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Eliminado:br.ask.com ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [4356 Bytes] - [21/04/2017 19:08:23] C:\AdwCleaner\AdwCleaner[S0].txt - [4286 Bytes] - [21/04/2017 19:07:20] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4502 Bytes] ########## Segue log do adwCleaner: # AdwCleaner v6.045 - Relatório criado 21/04/2017 às 19:08:23 # Atualizado em 28/03/2017 por Malwarebytes # Banco de dados : 2017-04-21.1 [Servidor] # Sistema operacional : Windows 10 Pro (X64) # Usuário : ZEZELTO - DESKTOP-RI07GG2 # Executando de : C:\Users\ZEZELTO\Desktop\AdwCleaner (3).exe # Modo: Limpo # Apoio : https://www.malwarebytes.com/support ***** [ Serviços ] ***** [-] Serviço excluído:YSearchUtilSvc [-] Serviço excluído:iFunSoftUpdaterSvc [-] Serviço excluído:Solvusoft Suite Service ***** [ Pastas ] ***** [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Local\slimware utilities inc [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Local\YSearchUtil [#] Pasta excluída na reinicialização:C:\Users\ZEZELTO\AppData\Local\SlimWare Utilities Inc [-] Pasta excluída:C:\Users\ZEZELTO\AppData\LocalLow\iFunSoft [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Roaming\PC faster [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Roaming\iFunSoft [-] Pasta excluída:C:\Program Files\Enigma Software Group [-] Pasta excluída:C:\ProgramData\Solvusoft [-] Pasta excluída:C:\ProgramData\BSD\DriverHive [-] Pasta excluída:C:\ProgramData\iFunSoft [-] Pasta excluída:C:\ProgramData\BSD [#] Pasta excluída na reinicialização:C:\ProgramData\BSD\DriverHiveEngine [-] Pasta excluída:C:\ProgramData\Zbshareware Lab [-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft [-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security [-] Pasta excluída:C:\Users\Public\Documents\Guid [-] Pasta excluída:C:\Program Files (x86)\Solvusoft [-] Pasta excluída:C:\Program Files (x86)\Yahoo!\yset [-] Pasta excluída:C:\Program Files (x86)\iFunSoft [-] Pasta excluída:C:\Program Files (x86)\USB Disk Security [-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft [-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil ***** [ Arquivos ] ***** [-] Arquivo excluído:C:\Users\ZEZELTO\Downloads\REGCLEANER.EXE [-] Arquivo excluído:C:\Users\ZEZELTO\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Atalhos ] ***** ***** [ Atividades agendadas ] ***** [-] Tarefa eliminada:DriverDoc Auto Start ***** [ Registro ] ***** [-] Chave excluída:HKU\S-1-5-21-259142593-962520523-2691621642-1001\Software\Solvusoft [-] Chave excluída:HKU\S-1-5-21-259142593-962520523-2691621642-1001\Software\BSD [#] Chave excluída na reinicialização:HKCU\Software\Solvusoft [#] Chave excluída na reinicialização:HKCU\Software\BSD [-] Chave excluída:HKLM\SOFTWARE\Trymedia Systems [-] Chave excluída:HKLM\SOFTWARE\BSD [-] Chave excluída:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet [#] Chave excluída na reinicialização:[x64] HKCU\Software\Solvusoft [#] Chave excluída na reinicialização:[x64] HKCU\Software\BSD [-] Chave excluída:[x64] HKLM\SOFTWARE\DtsEncodeTools [-] Chave excluída:HKLM\SOFTWARE\Classes\Installer\Features\0570A0D4430B8FD479ED621F12A22CFF [-] Chave excluída:HKLM\SOFTWARE\Classes\Installer\Products\0570A0D4430B8FD479ED621F12A22CFF [-] Chave excluída:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\Installer\Features\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\Installer\Products\0570A0D4430B8FD479ED621F12A22CFF ***** [ Verificando navegadores ... ] ***** [-] Preferências do Firefox limpas:"coupons.urls" - "[\"hxxps://i_spigjs_info.tlscdn.com/spig/javascript.js?hid=1&channel=FF\",\"hxxps://i_spigtrdpjs_info.tlscdn.com/spigtr/javascript.js?hid=1&channel=FF\"]" [-] [C:\Users\ZEZELTO\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Eliminado:br.ask.com ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [4356 Bytes] - [21/04/2017 19:08:23] C:\AdwCleaner\AdwCleaner[S0].txt - [4286 Bytes] - [21/04/2017 19:07:20] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4502 Bytes] ########## Segue log do hijackthis: ogfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:43:22, on 21/04/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10586.0873) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Users\ZEZELTO\Desktop\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://login.latinamweb.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll O4 - HKLM\..\Run: [USB antivírus] C:\Program Files (x86)\USB Disk Security\RunUSBGuard.exe O4 - HKLM\..\Run: [TVTray] C:\Program Files (x86)\ENLTV\TVTray.exe O4 - HKLM\..\Run: [TVTrayMCE] C:\PROGRA~2\ENLTV\TVTray.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" O4 - Startup: Start.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11172 bytes
  2. Boa tarde desculpe a demora em responder. Seque Log do MBAM. Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 21/04/17 Hora da análise: 15:47 Arquivo de registro: anti virus.txt Administrador: Sim -Informação do software- Versão: 3.0.6.1469 Versão de componentes: 1.0.103 Versão do pacote de definições: 1.0.1777 Licença: Versão de avaliação -Informação do sistema- Sistema operacional: Windows 10 CPU: x64 Sistema de arquivos: NTFS Usuário: DESKTOP-RI07GG2\ZEZELTO -Resumo da análise- Tipo de análise: Análise de Ameaças Resultado: Concluído Objetos verificados: 432341 Tempo decorrido: 21 min, 57 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 3 PUP.Optional.Solvusoft, C:\ProgramData\Solvusoft\Solvusoft Suite\Logs, Nenhuma ação do usuário, [349], [319820],1.0.1777 PUP.Optional.Solvusoft, C:\ProgramData\Solvusoft\Solvusoft Suite, Nenhuma ação do usuário, [349], [319820],1.0.1777 PUP.Optional.Solvusoft, C:\PROGRAMDATA\Solvusoft, Nenhuma ação do usuário, [349], [319820],1.0.1777 Arquivo: 1 PUP.Optional.Solvusoft, C:\ProgramData\Solvusoft\Solvusoft Suite\Logs\Service.log.txt, Nenhuma ação do usuário, [349], [319820],1.0.1777 Setor físico: 0 (Nenhum item malicioso detectado) Segue Log do Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:24:19, on 21/04/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10586.0873) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\agent.exe C:\Users\ZEZELTO\Desktop\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://login.latinamweb.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll O4 - HKLM\..\Run: [USB antivírus] C:\Program Files (x86)\USB Disk Security\RunUSBGuard.exe O4 - HKLM\..\Run: [TVTray] C:\Program Files (x86)\ENLTV\TVTray.exe O4 - HKLM\..\Run: [TVTrayMCE] C:\PROGRA~2\ENLTV\TVTray.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" O4 - Startup: Start.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iFunSoft Updater (iFunSoftUpdaterSvc) - iFunSoft - C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Solvusoft Suite Service - Solvusoft Corporation - C:\Program Files (x86)\Solvusoft\SuiteService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: YSearchUtilSvc - Yahoo Inc. - C:\Program Files (x86)\Yahoo!\yset\{122B9384-7F01-A648-8701-03BAB08F1EA4}\YSearchUtilSvc.exe -- End of file - 11870 bytes
  3. Já fiz todos os procedimentos solicitados no Tópico Oficial...Meu PC esta muito lento e travandoSegue meu Log para exame: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:57:34, on 16/04/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10586.0873) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\ZEZELTO\Desktop\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://login.latinamweb.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll O4 - HKLM\..\Run: [USB antivírus] C:\Program Files (x86)\USB Disk Security\RunUSBGuard.exe O4 - HKLM\..\Run: [TVTray] C:\Program Files (x86)\ENLTV\TVTray.exe O4 - HKLM\..\Run: [TVTrayMCE] C:\PROGRA~2\ENLTV\TVTray.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445\..\Run: [ISUSPM Startup] "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162308306\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162308306\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" (User '?') O4 - S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445 Startup: Start.lnk = ? (User '?') O4 - S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162308306 Startup: Start.lnk = ? (User '?') O4 - Startup: Start.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iFunSoft Updater (iFunSoftUpdaterSvc) - iFunSoft - C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Solvusoft Suite Service - Solvusoft Corporation - C:\Program Files (x86)\Solvusoft\SuiteService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: YSearchUtilSvc - Yahoo Inc. - C:\Program Files (x86)\Yahoo!\yset\{122B9384-7F01-A648-8701-03BAB08F1EA4}\YSearchUtilSvc.exe -- End of file - 13703 bytes
O site BABOO está no ar para informar e ajudar o internauta de Windows. Este site foi publicado em 1999 por Aurélio "Baboo", engenheiro e um dos maiores especialistas brasileiros em Windows, que trabalha profissionalmente com esse sistema operacional desde 1987. Desde 2004 ele é premiado anualmente pela Microsoft como MVP (Most Valuable Professional) pela sua contribuição e ajuda à comunidade de usuários de Windows.

Em 2001 foi criado o
Fórum do BABOO para ajudar o internauta brasileiro a solucionar problemas e dúvidas sobre Windows, Segurança, Office, Hardware e outros temas. Desde 2010 a Microsoft também tem premiado o Mr.Million, administrador da área de Segurança do Fórum do BABOO, pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Atualmente ele é o único MVP brasileiro de Segurança em desktop.

O BABOO é o único site brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows e que participa diariamente e ativamente nos comentários e discussões do site e fórum BABOO.