Ir para conteúdo

BABOO e KTS 2018 no YouTube Loja online do BABOO

cr170969

Participante
  • Postagens

    15
  • Desde

  • Última visita

Perfil

  • Escolaridade
    2º grau completo
  • Área Profissional
    Comercial / Vendas
  • Nível Profissional
    Autônomo
  • Estado
    Rio de Janeiro
  • Sexo
    masculino
  1. Duvida na instalação do windows

    caso resolvido, podem fechar o tópico.
  2. Duvida na instalação do windows

    Ciro desde já obrigado, vou te contar o que aconteceu, quando coloquei o pendrive para instalar o Windows eu deveria ter apagado o HD antes de instalar no SSD, como eu não fiz ele simplesmente aproveitou uma partição de 100MB (partição de sistema EFI) e outra de 450MB (Partição de recuperação) do HD, sera que tem jeito de ajeitar essa salada ?
  3. Duvida na instalação do windows

    ola pessoal gostaria da ajuda de vocês afim de entender o que se passa na minha maquina, em primeiro lugar instalei o win10 através de um pendrive, ao selecionar na BIOS aparecia "pendrive kingston UEFI" selecionei e mandei instalar, muito bem, porém agora coloquei um SSD e fiz a instalação do sistema também Win10 nesse SSD, no entanto para dar boot a maquina exige que em primeiro na lista fique "Windows BOOT MANAGER (SATA6G_1:ST3160215AS) que é justamente o HD onde estava instado o primeiro sistema, tudo funciona bem mais se eu tiver que tirar esse HD um dia não dara mais boot certo ? detalhe: depois do Windows já instalado no SSD eu formatei o antigo HD onde estava o Windows.OBS: O SATA6G_4 é o SSD
  4. Nova central de segurança

    É isso mesmo ? seremos agora obrigados e ter dois antivírus uma vez que agora o defender não se desativa mais quando é instalado um antivírus de terceiros ? o boot lento agradece...
  5. Analise de log

    ta tranquilo Mr, obrigado, só fiquei meio assim do Kaspersky não ter nem acusado nada quando entrei nesse site sem querer, coloquei o nod32, acho mais leve, obrigado.
  6. Analise de log

    Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 21:17:36, on 01/12/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0000) FIREFOX: 50.0 (x86 pt-BR) Boot mode: Normal Running processes: C:\Users\crena\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\XonarSwitch.exe C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe D:\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE01&ocid=UE01DHP R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe O4 - HKCU\..\Run: [OneDrive] "C:\Users\crena\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [XonarSwitch] C:\Program Files (x86)\XonarSwitch.exe O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series" /EF "HKCU" O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://help.eset.com (HKLM) O15 - ESC Trusted Zone: http://help.eset.com (HKLM) O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 antivírus\ekrn.exe O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe O23 - Service: GamingHotkey_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - D:\Origin\OriginWebHelperService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWoW64\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWoW64\vmnat.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11767 bytes
  7. Analise de log

    Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by crena on 01/12/2016 at 20:41:38,32. Microsoft Windows 10 Pro 10.0.14393 x64 Running in: Normal Mode Internet Access Detected Launched: D:\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Empty Folders Check ====================== C:\Program Files\Common Files\Autodesk Shared deleted successfully C:\Program Files\Common Files\AV deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\CorelDRAW Graphics Suite X6 deleted successfully C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\crena\AppData\Local\NetworkTiles deleted successfully C:\Users\crena\AppData\Local\PackageStaging deleted successfully C:\Users\crena\AppData\Local\PeerDistRepub deleted successfully C:\Users\defaultuser0\AppData\Local\VirtualStore deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\crena\AppData\Roaming\Mozilla\Firefox\Profiles\ya2v6nr5.default\prefs.js: Added to C:\Users\crena\AppData\Roaming\Mozilla\Firefox\Profiles\ya2v6nr5.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Deleting Files \ Folders ====================== C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 not found C:\Users\crena\AppData\Roaming\WhatsApp deleted C:\PROGRA~3\Package Cache deleted C:\Windows\SysNative\GroupPolicy\Machine deleted C:\Windows\SysNative\GroupPolicy\User deleted C:\Windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\SET14A8.tmp deleted C:\Windows\Syswow64\SET18C4.tmp deleted C:\Windows\Syswow64\SET22C2.tmp deleted C:\Windows\Syswow64\SET4E3E.tmp deleted C:\Windows\Syswow64\SET50C0.tmp deleted C:\Windows\Syswow64\SET54DC.tmp deleted C:\Windows\Syswow64\SET5B7A.tmp deleted C:\Windows\Syswow64\SET7A88.tmp deleted C:\Windows\Syswow64\SET98C8.tmp deleted C:\Windows\Syswow64\SETA74A.tmp deleted C:\Windows\Syswow64\SETAB72.tmp deleted C:\Windows\Syswow64\SETBA64.tmp deleted C:\Windows\Syswow64\SETBD54.tmp deleted C:\Windows\Syswow64\SETBED0.tmp deleted C:\Windows\Syswow64\SETC038.tmp deleted C:\Windows\Syswow64\SETC39C.tmp deleted C:\Windows\Syswow64\SETD6D.tmp deleted C:\Windows\Syswow64\SETE68D.tmp deleted C:\Windows\Syswow64\SETF28.tmp deleted C:\Windows\Syswow64\SETFAFC.tmp deleted "C:\Windows\Installer\a5ed74b.msi" deleted "C:\Users\crena\AppData\Roaming\Vso" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\crena\AppData\Roaming\Mozilla\Firefox\Profiles\ya2v6nr5.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\crena\AppData\Roaming\Mozilla\Firefox\Profiles\ya2v6nr5.default - User Agent Overrider - %ProfilePath%\extensions\useragentoverrider@qixinglu.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== ==== Chromium Look ====================== Rastreador - crena\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnlegggomkoaacenefdcdddgcgjhjmfg RealPlayer Cloud - crena\AppData\Local\Google\Chrome\User Data\Default\Extensions\damemajnpodbdjndboidpmfpjlabocje Chupro - crena\AppData\Local\Google\Chrome\User Data\Default\Extensions\lagljngeghjaelaekdcfmnlggmcopleo Livinir - crena\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgibfdbcedkapfpellkjknfoagmjjneh Chrome Apps & Extensions Developer Tool - crena\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc Chrome Media Router - crena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advertising.mercadolivre.com.br_0.localstorage deleted successfully C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advertising.mercadolivre.com.br_0.localstorage-journal deleted successfully C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE01&ocid=UE01DHP" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE01&ocid=UE01DHP" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\crena\Desktop\HD Tune.lnk - C:\Program Files (x86)\HD Tune\HDTune.exe C:\Users\crena\Desktop\MSI Afterburner.lnk - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Users\crena\Desktop\Photoshop - Atalho.lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe C:\Users\crena\Desktop\WhatsApp.lnk - C:\Users\crena\AppData\Local\WhatsApp\Update.exe --processStart WhatsApp.exe C:\Users\crena\Desktop\Windows 7 USB DVD Download Tool.lnk - C:\Users\crena\AppData\Local\Apps\Windows 7 USB DVD Download Tool\Windows7-USB-DVD-Download-Tool.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\##IDS_SHORTCUT_DISPLAY_NAME2##.lnk - C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe C:\Users\Public\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe C:\Users\Public\Desktop\Ashampoo Burning Studio 2013.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2013\burningstudio2013.exe C:\Users\Public\Desktop\Battlefield 3.lnk - D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe C:\Users\Public\Desktop\Battlefield 4.lnk - D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Corel CAPTURE X7 (64-Bit).lnk - c:\Windows\Installer\{2C91CB9D-323D-43E5-A433-229B71CFB773}\NewShortcut8_65BCA6E0337A452DA55C0654EAAD7A0B.exe C:\Users\Public\Desktop\Corel PHOTO-PAINT X7 (64-Bit).lnk - c:\Windows\Installer\{C922F325-DD52-4E22-B204-431A06E63E51}\NewShortcut2_EBB51BFEE10948A888CB7ADF96E8EC80.exe C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk - c:\Windows\Installer\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}\NewShortcut1_68427AB8B2C044C58AA777A4C3F75634.exe C:\Users\Public\Desktop\Dragon Eye.lnk - C:\Program Files\MSI\DragonEye\DragonEye.exe C:\Users\Public\Desktop\Epson Easy Photo Print.lnk - C:\Program Files (x86)\EPSON Software\Easy Photo Print\EPQuicker.exe C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe C:\Users\Public\Desktop\EssentialPIM.lnk - D:\EssentialPIM\EssentialPIM.exe C:\Users\Public\Desktop\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe C:\Users\Public\Desktop\FreeFileSync.lnk - C:\Program Files\FreeFileSync\FreeFileSync.exe C:\Users\Public\Desktop\Logitech Webcam Software .lnk - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\MSI Gaming APP.lnk - C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe C:\Users\Public\Desktop\Opti Drive Control.lnk - C:\Program Files (x86)\Opti Drive Control\OptiDriveControl.exe C:\Users\Public\Desktop\Origin.lnk - D:\Origin\Origin.exe C:\Users\Public\Desktop\Raptr.lnk - C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe C:\Users\Public\Desktop\RealTimeSync.lnk - C:\Program Files\FreeFileSync\RealTimeSync.exe C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe C:\Users\Public\Desktop\Steam.lnk - D:\Steam\Steam.exe C:\Users\Public\Desktop\TeamViewer 11.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\VMware Player.lnk - C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe ==== shortcuts in Users Start Menu ====================== C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk - C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk - C:\Program Files (x86)\MSI Afterburner\Uninstall.exe C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk - C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk - C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk - C:\Program Files (x86)\MSI Afterburner\SDK\Samples C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\ReadMe.lnk - C:\Program Files (x86)\RivaTuner Statistics Server\Doc\ReadMe.pdf C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk - C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\Uninstall.lnk - C:\Program Files (x86)\RivaTuner Statistics Server\Uninstall.exe C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server localization reference.lnk - C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\Localization reference.pdf C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server skin format reference.lnk - C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\USF skin format reference.pdf C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\Samples.lnk - C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Samples C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp\WhatsApp.lnk - C:\Users\crena\AppData\Local\WhatsApp\Update.exe --processStart WhatsApp.exe C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool\Uninstall Windows 7 USB DVD Download Tool.lnk - C:\Windows\System32\msiexec.exe /x {CCF298AF-9CE1-4B26-B251-486E98A34789} C:\Users\crena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool\Windows 7 USB DVD Download Tool.lnk - C:\Users\crena\AppData\Local\Apps\Windows 7 USB DVD Download Tool\Windows7-USB-DVD-Download-Tool.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk - C:\Program Files\FreeFileSync\FreeFileSync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk - C:\Program Files\FreeFileSync\RealTimeSync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved\AMD Gaming Evolved.lnk - C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings\AMD Radeon Settings.lnk - C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Uninstall Tool.lnk - C:\Program Files (x86)\Common Files\Autodesk Shared\Uninstall Tool\R1\UninstallTool.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\EPSON Software Updater.lnk - C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE /ST C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET NOD32 antivírus\ESET NOD32 antivírus.lnk - C:\Program Files (x86)\ESET\ESET NOD32 antivírus\egui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET\ESET NOD32 antivírus\ESET SysInspector.lnk - C:\Program Files (x86)\ESET\ESET NOD32 antivírus\SysInspector.exe /blank C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit.lnk - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit\Uninstall Malwarebytes Anti-Exploit.lnk - C:\Program Files (x86)\Malwarebytes Anti-Exploit\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Ferramentas do Office 2013\Gerenciador de Gravação do Lync.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\DragonEye\Desinstalar DragonEye.lnk - C:\Program Files (x86)\MSI\DragonEye\unins001.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\DragonEye\DragonEye.lnk - C:\Program Files\MSI\DragonEye\DragonEye.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Gaming APP\Desinstalar Gaming APP.lnk - C:\Program Files (x86)\MSI\Gaming APP\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\Gaming APP\Gaming APP.lnk - C:\Program Files (x86)\MSI\Gaming APP\SGamingApp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI\MSI OC Kit\Desinstalar MSI OC Kit.lnk - C:\Program Files (x86)\MSI\MSI OC Kit\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opti Drive Control\Opti Drive Control manual.lnk - C:\Program Files (x86)\Opti Drive Control\OptiDriveControl.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opti Drive Control\Opti Drive Control.lnk - C:\Program Files (x86)\Opti Drive Control\OptiDriveControl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opti Drive Control\Uninstall Opti Drive Control.lnk - C:\Program Files (x86)\Opti Drive Control\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Desinstalar Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\Revo Uninstaller Pro Help.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro\Revo Uninstaller Pro.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe ==== shortcuts in Quick Launch ====================== C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\crena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\497E0F4B5F11179458CED6F7E2D4CA86 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B4F0E794-11F5-4971-85EC-6D7F2E4DAC68} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\497E0F4B5F11179458CED6F7E2D4CA86 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\crena\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\crena\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\crena\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\crena\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\defaultuser0\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=684 folders=143 345415878 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\crena\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 01/12/2016 at 21:00:12,42 ======================
  8. Analise de log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.9 (09.30.2016) Operating System: Windows 10 Pro x64 Ran by crena (Administrator) on 01/12/2016 at 19:54:44,70 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 01/12/2016 at 19:56:12,75 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v6.030 - Relatório criado 01/12/2016 às 19:35:06 # *Updated on 19/10/2016 by Malwarebytes # Banco de dados : 2016-12-01.1 [Servidor] # Sistema operacional : Windows 10 Pro (X64) # Usuário : crena - DESKTOP-MG4CSHU # Executando de : D:\Downloads\AdwCleaner.exe # Limpar # Apoio : hxxps://www.malwarebytes.com/support ***** [ Serviços ] ***** ***** [ Pastas ] ***** ***** [ Arquivos ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Atalhos ] ***** ***** [ Tarefas agendadas ] ***** ***** [ Registro ] ***** ***** [ Verificando navegadores ... ] ***** [-] [C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Excluídobr.ask.com [-] [C:\Users\crena\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Excluídocorreios.com.br ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1258 *Bytes] - [26/11/2016 12:46:44] C:\AdwCleaner\AdwCleaner[C2].txt - [1394 *Bytes] - [30/11/2016 14:27:56] C:\AdwCleaner\AdwCleaner[C3].txt - [1616 *Bytes] - [30/11/2016 15:01:32] C:\AdwCleaner\AdwCleaner[C4].txt - [1718 *Bytes] - [30/11/2016 15:15:54] C:\AdwCleaner\AdwCleaner[C5].txt - [1314 *Bytes] - [01/12/2016 19:35:06] C:\AdwCleaner\AdwCleaner[S0].txt - [1333 *Bytes] - [26/11/2016 12:46:31] C:\AdwCleaner\AdwCleaner[S1].txt - [1469 *Bytes] - [30/11/2016 14:27:37] C:\AdwCleaner\AdwCleaner[S2].txt - [1431 *Bytes] - [30/11/2016 14:33:00] C:\AdwCleaner\AdwCleaner[S3].txt - [1691 *Bytes] - [30/11/2016 15:01:19] C:\AdwCleaner\AdwCleaner[S4].txt - [1839 *Bytes] - [30/11/2016 15:08:56] C:\AdwCleaner\AdwCleaner[S5].txt - [1800 *Bytes] - [30/11/2016 15:15:39] C:\AdwCleaner\AdwCleaner[S6].txt - [2061 *Bytes] - [30/11/2016 15:23:17] C:\AdwCleaner\AdwCleaner[S7].txt - [2135 *Bytes] - [01/12/2016 19:34:20] ########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [1980 *Bytes] ##########
  9. Analise de log

    Malwarebytes Anti-Malware www.malwarebytes.org Data da verificação: 01/12/2016 Hora da verificação: 15:12 Arquivo de registro: log.txt Administrador: Sim Versão: 2.2.1.1043 Banco de dados de malware: v2016.12.01.11 Banco de dados de rootkit: v2016.11.20.01 Licença: Gratuita Proteção contra malware: Desabilitado Proteção contra website malicioso: Desabilitado Autoproteção: Desabilitado Sistema operacional: Windows 10 CPU: x64 Sistema de arquivos: NTFS Usuário: crena Tipo de verificação: Verificação da ameaça Resultado: Concluído Objetos verificados: 335909 Tempo decorrido: 32 min, 39 seg Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de registro: 0 (Nenhum item malicioso detectado) Valores de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 0 (Nenhum item malicioso detectado) Setores físicos: 0 (Nenhum item malicioso detectado) (end)
  10. Analise de log

    então, ele não achou nada e não gerou log, só cliquei em terminar e fechou
  11. Analise de log

    Mr, como já imaginei que você pediria esse log assim que postei já deixei fazendo ele acabou mais não achou nada.
  12. Analise de log

    Nas minhas pesquisas pela net me deparei com um site onde apenas mandava clicar para fecha a pagina porém não fechava, até aparecer uma voz em inglês a cada tentativa de fechar o site, agora quando abro o navegador entra uma pagina de busca "search" e uma outra oferecendo para baixar coisas para o PC, segue o log. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 14:38:14, on 01/12/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.14393.0000) FIREFOX: 50.0 (x86 pt-BR) Boot mode: Normal Running processes: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avpui.exe C:\Users\crena\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\XonarSwitch.exe C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe D:\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE01&ocid=UE01DHP R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe O4 - HKCU\..\Run: [OneDrive] "C:\Users\crena\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [XonarSwitch] C:\Program Files (x86)\XonarSwitch.exe O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe O23 - Service: Serviço do Kaspersky Anti-Virus 17.0.0 (AVP17.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\avp.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe O23 - Service: GamingHotkey_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 17.0.0\x64\vssbridge64.exe O23 - Service: Serviço do Kaspersky Secure Connection 1.0.0 (KSDE1.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe O23 - Service: Origin Web Helper Service - Electronic Arts - D:\Origin\OriginWebHelperService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\SysWoW64\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\SysWoW64\vmnat.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11947 bytes
  13. Problema ai tentar baixar imagem .iso

    Passando para deixar a contribuição para quem tiver o mesmo problema, no meu caso se resolveu com as dicas abaixo Certifique-se de fazer com que seu sistema passe a exibir pastas ocultas, abra o Windows Explorer e, na caixa de diálogos, cole o endereço C:\$Windows.~BT Delete todos os arquivos possíveis – alguns deles não poderão ser excluídos devido a restrições de permissão; tente, ainda assim, apagar o máximo de pastas Acesse o endereço C:\Windows\SoftwareDistribution\Download e repita a operação descrita acima; exclua todos os dados possíveis
  14. Problema ai tentar baixar imagem .iso

    baixo a ferramenta do site da MS "media creation tool", escolho o sistema, linguagem, e plataforma, depois vem a escolha pendrive ou imagem iso, apos a escolha ele chega a fazer o download porém ao final quando vai verificar coloca a mensagem "limite de repetição de reparo por bloco excedido. arquivo corrompido" , a imagem que quero é Windows 8.1, estou sob o Windows 10, do Windows 7 eu consegui normal, alguém tem alguma ideia ?
  15. Instalação por USB como evitar reinicio ?

    Instalação por USB como evitar reinicio ? Olá, noto que por vezes ao instalar o Windows por USB pendrive apos a copia dos arquivos no primeiro boot se repete o passo anterior novamente, no CD isso não acontece pois ele pergunta se deseja apertar uma tecla para iniciar, no pendrive porém ele vai direto, como evitar isso ? eu acabo tirando e recolocando o pendrive mais não sei se é o mais certo a fazer.
×