Ir para conteúdo

BABOO e KTS 2018 no YouTube Loja online do BABOO

fabianomarchetti

Participante
  • Postagens

    7
  • Desde

  • Última visita

Perfil

  • Escolaridade
    Superior completo
  • Área Profissional
    TI / Informática
  • Estado
    São Paulo
  • Sexo
    masculino
  1. Pedido de análise de log.

    Quando o ZHP Cleaner estava fazendo a varredura no sistema, apareceu por 2x uma tela com mensagem perguntando "você instalou este server?" eu cliquei em Não, nas duas telas. Fiquei com medo, acabei não pegando o IP para postar aqui. O que será que pode ser isso?
  2. Pedido de análise de log.

    oi amigo Xerlouco, segui todos procedimentos que você me indicou. Segue o log do ZHP Cleaner. ____________________________ ~ ZHPCleaner v2017.9.18.163 by Nicolas Coolman (2017/09/18) ~ Run by Convidado (Administrator) (18/09/2017 14:42:12) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Reparo ~ Report : C:\Users\Convidado\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Convidado\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ Serviços (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Navegadores de Internet (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Arquivo hosts (1) ~ O arquivo hosts é legítimo (21) ---\\ Tarefas automáticas agendadas. (1) SUPRIMIDO tarefas: [AutoKMS] [C:\Windows\Tasks\AutoKMS.job (Not File) ] =>HackTool.AutoKMS ---\\ Explorer ( Arquivos, Pastas) (6) MOVIDO pasta: C:\Windows\Tasks\AutoKMS.job =>HackTool.AutoKMS MOVIDO arquivo*: C:\Program Files\Sound+ =>Adware.Kazy MOVIDO arquivo*: C:\Windows\AutoKMS =>HackTool.AutoKMS MOVIDO arquivo*: C:\Windows\System32\config\systemprofile\AppData\Roaming\{90140011-0066-0416-0000-0000000FF1CE} =>Heuristic.Suspect MOVIDO arquivo*: C:\Users\Fabua\AppData\Roaming\Store =>.SUP.Nosibay MOVIDO arquivo*: C:\Users\Fabua\AppData\LocalLow\Delta =>.SUP.DeltaSearch ---\\ Registro ( Chaves, Valores, Dados ) (86) SUPRIMIDO dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{93FF22E1-3479-4C3B-9920-38B63AA6C740}\\DhcpNameServer [Bad : 201.55.232.96 201.55.232.41] =>Hijacker.Browser SUPRIMIDO dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 201.55.232.96 201.55.232.41] =>Hijacker.Browser SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97 [Avast Software] =>PUM.Misplaced.Certificate SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\SpeedUpMyPC [URL:SpeedUpMyPC Protocol] =>.SUP.SpeedUpMyPC SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Prod.cap [] =>PUP.Optional.ClaroSearch SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\driverscanner [] =>PUP.Optional.DriverScanner SUPRIMIDO chave*: [X64] HKLM\Software\Classes\Installer\Products\436DABD223008E24A8404BFC5C60E20B [Iminent] =>PUP.Optional.IMBooster SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\IObitUnlocker [] =>.SUP.Elex SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update WiseEnhance [] =>PUP.Optional.WiseEnhance SUPRIMIDO chave*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util WiseEnhance [] =>PUP.Optional.WiseEnhance SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\soundplus-installer_RASAPI32 [] =>Adware.Kazy SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Tracing\soundplus-installer_RASMANCS [] =>Adware.Kazy SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F71371A90E93D605C8B0A71F163F625C [] =>PUP.Optional.Generic SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Babylon [] =>Adware.Babylon SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\V9Software [] =>PUP.Optional.V9Software SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} [IStatedContract] =>PUP.Optional.IMBooster SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} [_LogoutCommand] =>PUP.Optional.IMBooster SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} [_LoginCommand] =>PUP.Optional.IMBooster SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} [IBrowserHelperObject] =>PUP.Optional.IMBooster SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} [IScriptExtender] =>PUP.Optional.IMBooster SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} [_LightUri] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} [_PlayContentCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} [_VariableChangedCallback] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} [ITinyfyingArgs] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} [_AddToUserContentCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} [IServerResult] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} [_TinyUrlArgs] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} [_RawDataArgs] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} [_ShowPluginWindowCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} [_LightContent] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} [_WarmUpCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} [_CheckLoginStatusCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} [_WelcomeCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} [_ShowBrowserWindowCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} [IMediatorClient] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} [_ShowControlCenterCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} [IServerCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} [ICoordCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} [_GetVariableResult] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} [_GetLoginStatusResult] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} [_DownloadArgs] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} [_GameOverCallback] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} [IMediatorServiceProxy] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} [_InstallationContextResult] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} [IContractBase] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} [_CleanCacheCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} [_GetInstallationContextCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} [_LoginStatusChangedCallback] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} [_MergeIdentityCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} [_SetVariableCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} [_MyAccountCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} [IHWndContract] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} [_PostContentCallback] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} [_RecycleViewsCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} [_UserContentChangedCallback] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} [_GetCreditCommand] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} [_LinkToPromoteArgs] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} [_LoadContentCommandResult] =>PUP.Optional.RewardsArcade SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} [_ViralLinkArgs] =>PUP.Optional.RewardsArcade ---\\ Resumo dos elementos encontrados na sua estação de trabalho (18) https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://www.anti-malware.top/2016/08/09/adware-kazy/ =>Adware.Kazy https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect https://www.anti-malware.top/2016/05/03/superfluous-nosibay/ =>.SUP.Nosibay https://www.nicolascoolman.com/fr/toolbar-deltasearch/ =>.SUP.DeltaSearch https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser https://nicolascoolman.eu/2017/06/26/trojan-certlock/ =>PUM.Misplaced.Certificate https://www.anti-malware.top/2016/08/15/speedupmypc/ =>.SUP.SpeedUpMyPC https://www.nicolascoolman.com/fr/pup-clarosearch/ =>PUP.Optional.ClaroSearch https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DriverScanner https://nicolascoolman.eu/2017/09/08/adware-imbooster/ =>PUP.Optional.IMBooster https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.SUP.Elex https://www.nicolascoolman.com/fr/pup-wiseenhance/ =>PUP.Optional.WiseEnhance https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Generic https://nicolascoolman.eu/2017/03/03/adware-babylon/ =>Adware.Babylon https://www.nicolascoolman.com/fr/pup-v9software/ =>PUP.Optional.V9Software https://www.nicolascoolman.com/fr/pup-rewardsarcade/ =>PUP.Optional.RewardsArcade ---\\ Dodatkowe oczyszczenie. (56) ~ Chave de registro Tracing Supprimido (56) ~ Remover os relatórios antigos ZHPCleaner. (0) ---\\ Resultado de reparação Reparação efectuada com sucesso ~ Este navegador está faltando ! (Mozilla Firefox) ~ Este navegador está faltando ! (Opera Software) ---\\ Estatísticas ~ Items scan : 824 ~ Items encontrado : 0 ~ items cancelados : 0 ~ Items réparo : 93 ~ End of clean in 00h02mn02s ~==================== ZHPCleaner-[R]-18092017-14_44_14.txt ZHPCleaner--18092017-14_39_50.txt
  3. Pedido de análise de log.

    C:\Program Files (x86)\Attuenttihole\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi JS/Mindspark.D potentially unwanted application cleaned by deleting C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application cleaned by deleting C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application cleaned by deleting C:\Users\Convidado\Documents\programas baixados\Baixaki_free-easy-slideshow-maker.exe a variant of Win32/InstallCore.AVP potentially unwanted application cleaned by deleting C:\Users\Fabua\Documents\programas baixados\analizador de espectro\Baixaki_cd-spectrum-pro.exe a variant of Win32/InstallCore.AMD potentially unwanted application cleaned by deleting C:\Users\Fabua\Documents\programas baixados\ccleanner\ccsetup528.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting C:\Users\Fabua\Documents\programas baixados\hypercam\Baixaki_hypercam.exe a variant of Win32/InstallCore.AKX potentially unwanted application cleaned by deleting C:\Users\Fabua\Documents\programas baixados\medidor de consumo internet\Baixaki_networx.exe a variant of Win32/InstallCore.AQK potentially unwanted application cleaned by deleting C:\Users\Fabua\Documents\programas baixados\paint net\paint-net-3511497723443-32-bits.exe a variant of Win32/InstallCore.PF potentially unwanted application cleaned by deleting C:\Users\Fabua\Documents\programas baixados\pgm HijackThis 2.0.5\backups\backup-20120805-165034-663.dll a variant of Win32/Toolbar.Softomate.A potentially unwanted application cleaned by deleting C:\Users\Fabua\Documents\programas baixados\pgm power converter mp3\PowerConvertor.EXE a variant of Win32/Complitly.A potentially unwanted application cleaned by deleting C:\Users\Fabua\Documents\programas baixados\real alternative player RMVB\real-alternative-202-superdownloads-32-bits.exe a variant of Win32/InstallCore.AW potentially unwanted application cleaned by deleting C:\Users\Fabua\Downloads\Songr-2-Portable.zip a variant of MSIL/Xamasoft.A potentially unwanted application deleted C:\Users\Fabua\Downloads\Songr\Songr.Core.dll a variant of MSIL/Xamasoft.A potentially unwanted application cleaned by deleting
  4. Pedido de análise de log.

    Malwarebytes Anti-Malware www.malwarebytes.org Data da verificação: 14/09/2017 Hora da verificação: 23:46 Arquivo de registro: log malwarebytes.txt Administrador: Sim Versão: 2.2.1.1043 Banco de dados de malware: v2017.09.15.01 Banco de dados de rootkit: v2017.09.13.01 Licença: Gratuita Proteção contra malware: Desabilitado Proteção contra website malicioso: Desabilitado Autoproteção: Desabilitado Sistema operacional: Windows 7 Service Pack 1 CPU: x64 Sistema de arquivos: NTFS Usuário: Convidado Tipo de verificação: Verificação da ameaça Resultado: Concluído Objetos verificados: 335847 Tempo decorrido: 42 min, 20 seg Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado Processos: 0 (Nenhum item malicioso detectado) Módulos: 0 (Nenhum item malicioso detectado) Chaves de registro: 0 (Nenhum item malicioso detectado) Valores de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Pastas: 0 (Nenhum item malicioso detectado) Arquivos: 1 Adware.Wajam, C:\Windows\9b3141894d51cf986fc52a45b9d536f5.exe, , [8924793b347577bf855e014d0ef250b0], Setores físicos: 0 (Nenhum item malicioso detectado) (end)
  5. Pedido de análise de log.

    Farbar Service Scanner Version: 27-01-2016 Ran by Convidado (administrator) on 14-09-2017 at 15:53:30 Running from "C:\Users\Convidado\Documents\programas baixados\far bar service scanner" Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is set to Disabled. The default start type is Auto. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => File is digitally signed C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed C:\Windows\System32\dhcpcore.dll => File is digitally signed C:\Windows\System32\drivers\afd.sys => File is digitally signed C:\Windows\System32\drivers\tdx.sys => File is digitally signed C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed C:\Windows\System32\dnsrslvr.dll => File is digitally signed C:\Windows\System32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\System32\mpssvc.dll => File is digitally signed C:\Windows\System32\bfe.dll => File is digitally signed C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed C:\Windows\System32\SDRSVC.dll => File is digitally signed C:\Windows\System32\vssvc.exe => File is digitally signed C:\Windows\System32\wscsvc.dll => File is digitally signed C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed C:\Windows\System32\wuaueng.dll => File is digitally signed C:\Windows\System32\qmgr.dll => File is digitally signed C:\Windows\System32\es.dll => File is digitally signed C:\Windows\System32\cryptsvc.dll => File is digitally signed C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed **** End of log **** Para o amigo sr. Xerlouco, e quem puder me ajudar, agradeço pela atenção. Sucesso para todos.
  6. Pedido de análise de log.

    Oi amigo Xerlouco, segue o log do software MbrScan MBRScan v1.1.1 OS : Windows 7 Service Pack 1 (64 bit) PROCESSOR : Intel64 Family 6 Model 58 Stepping 9, GenuineIntel BOOT : Normal Boot DATE : 2017/09/14 (ISO 8601) at 15:42:42 ________________________________________________________________________________ DISK : Device\Harddisk0\DR0 __ST1000LM 024 HN-M101M (2AR2) BUS_TYPE : (0x03) P-ATA USE_PIO : NO MAX_TRANSFER : 128 Kb ALIGNMENT_MASK : word aligned ________________________________________________________________________________ DISK : Device\Harddisk1\DR1 __SanDisk Cruzer Fit (1.27) BUS_TYPE : (0x07) USB USE_PIO : NO MAX_TRANSFER : 64 Kb ALIGNMENT_MASK : byte aligned ________________________________________________________________________________ Device\Harddisk0\DR0 931.5 Go [Fixed] ==> Vista MBR Code . MBR_MD5 : 4B8DAC50DE0CDB7FB16FD898408E6F4E MBR_SHA1 : 293EB6B731B15540F5DC343A86000AD7780C3EB4 Device\Harddisk0\Partition1 39.19 Mo 0xDE Dell Utility Device\Harddisk0\Partition2 13.81 Go 0x07 NTFS / HPFS __ BOOTABLE __ Device\Harddisk0\Partition3 917.7 Go 0x07 NTFS / HPFS ________________________________________________________________________________ Device\Harddisk1\DR1 7.45 Go [Removable] ==> Unknown MBR Code MBR_MD5 : B2129E8ED5E6CE20210ED370DCA1A7D4 MBR_SHA1 : A008C21DF0D184865F6410A423787B3817E6DCFC Device\Harddisk1\Partition1 7.45 Go 0x07 NTFS / HPFS ________________________________________________________________________________ ############################### Additional scan ################################ DRIVER : C:\Windows\system32\hal.dll => Invisible on the disk ADDRESS : 0x03802000 SIZE : 292.0 Ko DRIVER : C:\Windows\system32\kdcom.dll => Invisible on the disk ADDRESS : 0x00BBA000 SIZE : 40.0 Ko DRIVER : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk ADDRESS : 0x00C33000 SIZE : 504.0 Ko DRIVER : C:\Windows\system32\CLFS.SYS => Invisible on the disk ADDRESS : 0x00CC5000 SIZE : 380.0 Ko DRIVER : C:\Windows\system32\CI.dll => Invisible on the disk ADDRESS : 0x00D24000 SIZE : 468.0 Ko DRIVER : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk ADDRESS : 0x00EF7000 SIZE : 776.0 Ko DRIVER : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk ADDRESS : 0x00FB9000 SIZE : 64.0 Ko DRIVER : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk ADDRESS : 0x00E00000 SIZE : 348.0 Ko DRIVER : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk ADDRESS : 0x00E57000 SIZE : 36.0 Ko DRIVER : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk ADDRESS : 0x00E60000 SIZE : 40.0 Ko DRIVER : C:\Windows\system32\drivers\pci.sys => Invisible on the disk ADDRESS : 0x00E6A000 SIZE : 204.0 Ko DRIVER : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk ADDRESS : 0x00E9D000 SIZE : 52.0 Ko DRIVER : C:\Windows\system32\drivers\iusb3hcs.sys => Invisible on the disk ADDRESS : 0x00EAA000 SIZE : 36.0 Ko DRIVER : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk ADDRESS : 0x00EB3000 SIZE : 84.0 Ko DRIVER : C:\Windows\system32\DRIVERS\compbatt.sys => Invisible on the disk ADDRESS : 0x00EC8000 SIZE : 36.0 Ko DRIVER : C:\Windows\system32\DRIVERS\BATTC.SYS => Invisible on the disk ADDRESS : 0x00ED1000 SIZE : 48.0 Ko DRIVER : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk ADDRESS : 0x00EDD000 SIZE : 84.0 Ko DRIVER : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk ADDRESS : 0x00D99000 SIZE : 368.0 Ko DRIVER : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk ADDRESS : 0x00FC9000 SIZE : 104.0 Ko DRIVER : C:\Windows\system32\drivers\iaStor.sys => Invisible on the disk ADDRESS : 0x01026000 SIZE : 3.64 Mo DRIVER : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk ADDRESS : 0x013CA000 SIZE : 44.0 Ko DRIVER : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk ADDRESS : 0x01414000 SIZE : 304.0 Ko DRIVER : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk ADDRESS : 0x01460000 SIZE : 80.0 Ko DRIVER : C:\Windows\system32\DRIVERS\MpFilter.sys => Invisible on the disk ADDRESS : 0x01474000 SIZE : 288.0 Ko DRIVER : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk ADDRESS : 0x0160A000 SIZE : 1.65 Mo DRIVER : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk ADDRESS : 0x014BC000 SIZE : 376.0 Ko DRIVER : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk ADDRESS : 0x017B1000 SIZE : 108.0 Ko DRIVER : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk ADDRESS : 0x0151A000 SIZE : 468.0 Ko DRIVER : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk ADDRESS : 0x017CC000 SIZE : 68.0 Ko DRIVER : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk ADDRESS : 0x017DD000 SIZE : 40.0 Ko DRIVER : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk ADDRESS : 0x018F5000 SIZE : 972.0 Ko DRIVER : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk ADDRESS : 0x01800000 SIZE : 388.0 Ko DRIVER : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk ADDRESS : 0x01861000 SIZE : 172.0 Ko DRIVER : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk ADDRESS : 0x01A02000 SIZE : 1.98 Mo DRIVER : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk ADDRESS : 0x0188C000 SIZE : 292.0 Ko DRIVER : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk ADDRESS : 0x0158F000 SIZE : 304.0 Ko DRIVER : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk ADDRESS : 0x018D5000 SIZE : 32.0 Ko DRIVER : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk ADDRESS : 0x01CAA000 SIZE : 232.0 Ko DRIVER : C:\Windows\System32\Drivers\RapportKE64.sys => Invisible on the disk ADDRESS : 0x01CE4000 SIZE : 464.0 Ko DRIVER : C:\Windows\System32\Drivers\RapportHades64.sys => Invisible on the disk ADDRESS : 0x01D58000 SIZE : 216.0 Ko DRIVER : C:\Windows\system32\DRIVERS\nvpciflt.sys => Invisible on the disk ADDRESS : 0x01D8E000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk ADDRESS : 0x01D99000 SIZE : 72.0 Ko DRIVER : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk ADDRESS : 0x01DAB000 SIZE : 36.0 Ko DRIVER : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk ADDRESS : 0x01DB4000 SIZE : 232.0 Ko DRIVER : C:\Windows\system32\drivers\disk.sys => Invisible on the disk ADDRESS : 0x01C00000 SIZE : 84.0 Ko DRIVER : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk ADDRESS : 0x01C15000 SIZE : 192.0 Ko DRIVER : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk ADDRESS : 0x04600000 SIZE : 168.0 Ko DRIVER : C:\Windows\System32\drivers\Bfilter.sys => Invisible on the disk ADDRESS : 0x049E8000 SIZE : 64.0 Ko DRIVER : C:\Windows\System32\drivers\Bfmon.sys => Invisible on the disk ADDRESS : 0x01C53000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk ADDRESS : 0x031C2000 SIZE : 36.0 Ko DRIVER : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk ADDRESS : 0x031CB000 SIZE : 28.0 Ko DRIVER : C:\Windows\System32\drivers\Bprotect.sys => Invisible on the disk ADDRESS : 0x031D2000 SIZE : 120.0 Ko DRIVER : C:\Windows\System32\drivers\vga.sys => Invisible on the disk ADDRESS : 0x031F0000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk ADDRESS : 0x01C5E000 SIZE : 148.0 Ko DRIVER : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk ADDRESS : 0x01C83000 SIZE : 64.0 Ko DRIVER : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk ADDRESS : 0x01C93000 SIZE : 36.0 Ko DRIVER : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk ADDRESS : 0x01C9C000 SIZE : 36.0 Ko DRIVER : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk ADDRESS : 0x01DEE000 SIZE : 36.0 Ko DRIVER : C:\Windows\system32\drivers\wsddfac.sys => Invisible on the disk ADDRESS : 0x018DD000 SIZE : 48.0 Ko DRIVER : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk ADDRESS : 0x018E9000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk ADDRESS : 0x019E8000 SIZE : 68.0 Ko DRIVER : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk ADDRESS : 0x015DB000 SIZE : 136.0 Ko DRIVER : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk ADDRESS : 0x017E7000 SIZE : 52.0 Ko DRIVER : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk ADDRESS : 0x04E8B000 SIZE : 276.0 Ko DRIVER : C:\Windows\system32\drivers\afd.sys => Invisible on the disk ADDRESS : 0x04ED0000 SIZE : 548.0 Ko DRIVER : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk ADDRESS : 0x04F59000 SIZE : 36.0 Ko DRIVER : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk ADDRESS : 0x04F62000 SIZE : 152.0 Ko DRIVER : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk ADDRESS : 0x04F88000 SIZE : 88.0 Ko DRIVER : C:\Windows\system32\DRIVERS\wsddntf.sys => Invisible on the disk ADDRESS : 0x04F9E000 SIZE : 48.0 Ko DRIVER : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk ADDRESS : 0x04FAA000 SIZE : 60.0 Ko DRIVER : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk ADDRESS : 0x04FC2000 SIZE : 108.0 Ko DRIVER : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk ADDRESS : 0x04FDD000 SIZE : 80.0 Ko DRIVER : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk ADDRESS : 0x04E00000 SIZE : 324.0 Ko DRIVER : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk ADDRESS : 0x04DA2000 SIZE : 48.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk ADDRESS : 0x04DAE000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\drivers\discache.sys => Invisible on the disk ADDRESS : 0x04DB9000 SIZE : 60.0 Ko DRIVER : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk ADDRESS : 0x04DC8000 SIZE : 124.0 Ko DRIVER : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk ADDRESS : 0x04DE7000 SIZE : 68.0 Ko DRIVER : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk ADDRESS : 0x04C00000 SIZE : 152.0 Ko DRIVER : C:\Windows\system32\DRIVERS\wmiacpi.sys => Invisible on the disk ADDRESS : 0x04C26000 SIZE : 36.0 Ko DRIVER : C:\Windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk ADDRESS : 0x0F44C000 SIZE : 12.21 Mo DRIVER : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk ADDRESS : 0x10083000 SIZE : 980.0 Ko DRIVER : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk ADDRESS : 0x10178000 SIZE : 280.0 Ko DRIVER : C:\Windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk ADDRESS : 0x102D6000 SIZE : 14.07 Mo DRIVER : C:\Windows\system32\DRIVERS\iusb3xhc.sys => Invisible on the disk ADDRESS : 0x110E7000 SIZE : 784.0 Ko DRIVER : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk ADDRESS : 0x111AB000 SIZE : 8.0 Ko DRIVER : C:\Windows\system32\DRIVERS\HECIx64.sys => Invisible on the disk ADDRESS : 0x111AD000 SIZE : 76.0 Ko DRIVER : C:\Windows\system32\drivers\usbehci.sys => Invisible on the disk ADDRESS : 0x111C0000 SIZE : 72.0 Ko DRIVER : C:\Windows\system32\drivers\USBPORT.SYS => Invisible on the disk ADDRESS : 0x10200000 SIZE : 348.0 Ko DRIVER : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk ADDRESS : 0x10257000 SIZE : 144.0 Ko DRIVER : C:\Windows\system32\DRIVERS\athrx.sys => Invisible on the disk ADDRESS : 0x05AD3000 SIZE : 4.13 Mo DRIVER : C:\Windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk ADDRESS : 0x05EF5000 SIZE : 52.0 Ko DRIVER : C:\Windows\system32\DRIVERS\L1C62x64.sys => Invisible on the disk ADDRESS : 0x05F02000 SIZE : 108.0 Ko DRIVER : C:\Windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk ADDRESS : 0x05F1D000 SIZE : 120.0 Ko DRIVER : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk ADDRESS : 0x05F3B000 SIZE : 60.0 Ko DRIVER : C:\Windows\system32\DRIVERS\Apfiltr.sys => Invisible on the disk ADDRESS : 0x05F4A000 SIZE : 424.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk ADDRESS : 0x05FB4000 SIZE : 60.0 Ko DRIVER : C:\Windows\system32\DRIVERS\CmBatt.sys => Invisible on the disk ADDRESS : 0x05FC3000 SIZE : 20.0 Ko DRIVER : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk ADDRESS : 0x05FC8000 SIZE : 88.0 Ko DRIVER : C:\Windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk ADDRESS : 0x05FDE000 SIZE : 64.0 Ko DRIVER : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk ADDRESS : 0x05A00000 SIZE : 88.0 Ko DRIVER : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk ADDRESS : 0x05A16000 SIZE : 144.0 Ko DRIVER : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk ADDRESS : 0x05A3A000 SIZE : 48.0 Ko DRIVER : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk ADDRESS : 0x05A46000 SIZE : 188.0 Ko DRIVER : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk ADDRESS : 0x05A75000 SIZE : 108.0 Ko DRIVER : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk ADDRESS : 0x05A90000 SIZE : 132.0 Ko DRIVER : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk ADDRESS : 0x05AB1000 SIZE : 104.0 Ko DRIVER : C:\Windows\system32\DRIVERS\swenum.sys => Invisible on the disk ADDRESS : 0x05ACB000 SIZE : 8.0 Ko DRIVER : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk ADDRESS : 0x1027B000 SIZE : 268.0 Ko DRIVER : C:\Windows\system32\DRIVERS\btath_bus.sys => Invisible on the disk ADDRESS : 0x05FEE000 SIZE : 52.0 Ko DRIVER : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk ADDRESS : 0x102BE000 SIZE : 72.0 Ko DRIVER : C:\Windows\system32\drivers\nvvad64v.sys => Invisible on the disk ADDRESS : 0x111D2000 SIZE : 56.0 Ko DRIVER : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk ADDRESS : 0x101BE000 SIZE : 244.0 Ko DRIVER : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk ADDRESS : 0x0F400000 SIZE : 136.0 Ko DRIVER : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk ADDRESS : 0x05ACD000 SIZE : 24.0 Ko DRIVER : C:\Windows\system32\DRIVERS\nvvhci.sys => Invisible on the disk ADDRESS : 0x111E0000 SIZE : 60.0 Ko DRIVER : C:\Windows\system32\drivers\usbhub.sys => Invisible on the disk ADDRESS : 0x04C2F000 SIZE : 360.0 Ko DRIVER : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk ADDRESS : 0x0F422000 SIZE : 84.0 Ko DRIVER : C:\Windows\system32\DRIVERS\iusb3hub.sys => Invisible on the disk ADDRESS : 0x0609C000 SIZE : 372.0 Ko DRIVER : C:\Windows\system32\drivers\CHDRT64.sys => Invisible on the disk ADDRESS : 0x0620D000 SIZE : 1.58 Mo DRIVER : C:\Windows\system32\DRIVERS\IntcDAud.sys => Invisible on the disk ADDRESS : 0x063A2000 SIZE : 344.0 Ko DRIVER : C:\Windows\System32\Drivers\usbVM305.sys => Invisible on the disk ADDRESS : 0x06404000 SIZE : 1.47 Mo DRIVER : C:\Windows\System32\Drivers\STREAM.SYS => Invisible on the disk ADDRESS : 0x0657D000 SIZE : 72.0 Ko DRIVER : C:\Windows\system32\drivers\vvftav.sys => Invisible on the disk ADDRESS : 0x0658F000 SIZE : 296.0 Ko DRIVER : C:\Windows\system32\DRIVERS\CtClsFlt.sys => Invisible on the disk ADDRESS : 0x060F9000 SIZE : 172.0 Ko DRIVER : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk ADDRESS : 0x065D9000 SIZE : 108.0 Ko DRIVER : C:\Windows\system32\drivers\hidusb.sys => Invisible on the disk ADDRESS : 0x06124000 SIZE : 56.0 Ko DRIVER : C:\Windows\system32\drivers\HIDCLASS.SYS => Invisible on the disk ADDRESS : 0x06132000 SIZE : 100.0 Ko DRIVER : C:\Windows\system32\drivers\HIDPARSE.SYS => Invisible on the disk ADDRESS : 0x065F4000 SIZE : 36.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk ADDRESS : 0x06200000 SIZE : 52.0 Ko DRIVER : C:\Windows\System32\win32k.sys => Invisible on the disk ADDRESS : 0x00090000 SIZE : 3.16 Mo DRIVER : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk ADDRESS : 0x0619A000 SIZE : 48.0 Ko DRIVER : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk ADDRESS : 0x061A6000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\Drivers\dump_iaStor.sys => Invisible on the disk ADDRESS : 0x0462A000 SIZE : 3.64 Mo DRIVER : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk ADDRESS : 0x061B4000 SIZE : 76.0 Ko DRIVER : C:\Windows\system32\drivers\usbccgp.sys => Invisible on the disk ADDRESS : 0x061C7000 SIZE : 116.0 Ko DRIVER : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk ADDRESS : 0x06000000 SIZE : 184.0 Ko DRIVER : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk ADDRESS : 0x0602E000 SIZE : 56.0 Ko DRIVER : C:\Windows\System32\TSDDD.dll => Invisible on the disk ADDRESS : 0x004F0000 SIZE : 40.0 Ko DRIVER : C:\Windows\System32\cdd.dll => Invisible on the disk ADDRESS : 0x00790000 SIZE : 156.0 Ko DRIVER : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk ADDRESS : 0x0603C000 SIZE : 140.0 Ko DRIVER : C:\Windows\system32\DRIVERS\stflt.sys => Invisible on the disk ADDRESS : 0x0605F000 SIZE : 176.0 Ko DRIVER : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk ADDRESS : 0x0614B000 SIZE : 84.0 Ko DRIVER : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk ADDRESS : 0x06ADB000 SIZE : 332.0 Ko DRIVER : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk ADDRESS : 0x06B2E000 SIZE : 76.0 Ko DRIVER : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk ADDRESS : 0x06B41000 SIZE : 96.0 Ko DRIVER : C:\Windows\system32\DRIVERS\TurboB.sys => Invisible on the disk ADDRESS : 0x06B59000 SIZE : 28.0 Ko DRIVER : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk ADDRESS : 0x06A00000 SIZE : 800.0 Ko DRIVER : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk ADDRESS : 0x06B60000 SIZE : 116.0 Ko DRIVER : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk ADDRESS : 0x06B7D000 SIZE : 96.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk ADDRESS : 0x06B95000 SIZE : 180.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk ADDRESS : 0x06E04000 SIZE : 312.0 Ko DRIVER : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk ADDRESS : 0x06E52000 SIZE : 144.0 Ko DRIVER : C:\Windows\system32\Drivers\rikvm_9EC60124.sys => Invisible on the disk ADDRESS : 0x076D9000 SIZE : 6.28 Mo DRIVER : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk ADDRESS : 0x07D21000 SIZE : 680.0 Ko DRIVER : C:\Windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk ADDRESS : 0x07DCB000 SIZE : 40.0 Ko DRIVER : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk ADDRESS : 0x07600000 SIZE : 196.0 Ko DRIVER : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk ADDRESS : 0x07631000 SIZE : 72.0 Ko DRIVER : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk ADDRESS : 0x07652000 SIZE : 416.0 Ko DRIVER : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk ADDRESS : 0x06EE5000 SIZE : 596.0 Ko DRIVER : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk ADDRESS : 0x06F7A000 SIZE : 216.0 Ko DRIVER : C:\Windows\system32\DRIVERS\NisDrvWFP.sys => Invisible on the disk ADDRESS : 0x07DD5000 SIZE : 128.0 Ko DRIVER : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk ADDRESS : 0x06FE6000 SIZE : 100.0 Ko DRIVER : C:\Windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk ADDRESS : 0x06FB0000 SIZE : 216.0 Ko DRIVER : C:\Windows\system32\DRIVERS\asyncmac.sys => Invisible on the disk ADDRESS : 0x0BAFA000 SIZE : 44.0 Ko DRIVER : C:\Windows\System32\smss.exe => Invisible on the disk ADDRESS : 0x47EA0000 SIZE : 128.0 Ko SystemStartOptions : NOEXECUTE=OPTIN ________________________________________________________________________________ _______MBR \Device\Harddisk0\DR0 0x00000000 33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00 3À.м.|.À.ؾ.|¿. 0x00000010 06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00 .¹..üó¤Ph..Ëû¹.. 0x00000020 BD BE 07 80 7E 00 00 7C 0B 0F 85 10 01 83 C5 10 ½¾..~..|......Å. 0x00000030 E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00 âñÍ..V.UÆF..ÆF.. 0x00000040 B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09 ´A»ªUÍ.]r..ûUªu. 0x00000050 F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74 ÷Á..t.þF.f`.~..t 0x00000060 26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00 &fh....f.v.h..h. 0x00000070 7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13 |h..h..´B.V..ôÍ. 0x00000080 9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00 ..Ä..ë.¸..».|.V. 0x00000090 8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1E FE .v..N..n.Í.fas.þ 0x000000A0 4E 11 0F 85 0C 00 80 7E 00 80 0F 84 8A 00 B2 80 N......~......². 0x000000B0 EB 82 55 32 E4 8A 56 00 CD 13 5D EB 9C 81 3E FE ë.U2ä.V.Í.]ë..>þ 0x000000C0 7D 55 AA 75 6E FF 76 00 E8 8A 00 0F 85 15 00 B0 }Uªun.v.è......° 0x000000D0 D1 E6 64 E8 7F 00 B0 DF E6 60 E8 78 00 B0 FF E6 Ñædè..°ßæ`èx.°.æ 0x000000E0 64 E8 71 00 B8 00 BB CD 1A 66 23 C0 75 3B 66 81 dèq.¸.»Í.f#Àu;f. 0x000000F0 FB 54 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 ûTCPAu2.ù..r,fh. 0x00000100 BB 00 00 66 68 00 02 00 00 66 68 08 00 00 00 66 »..fh....fh....f 0x00000110 53 66 53 66 55 66 68 00 00 00 00 66 68 00 7C 00 SfSfUfh....fh.|. 0x00000120 00 66 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 .fah...Í.Z2öê.|. 0x00000130 00 CD 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 .Í..·.ë..¶.ë..µ. 0x00000140 32 E4 05 00 07 8B F0 AC 3C 00 74 FC BB 07 00 B4 2ä....ð¬<.tü»..´ 0x00000150 0E CD 10 EB F2 2B C9 E4 64 EB 00 24 02 E0 F8 24 .Í.ëò+Éädë.$.àø$ 0x00000160 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 74 .ÃInvalid partit 0x00000170 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 20 ion table.Error 0x00000180 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E loading operatin 0x00000190 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E 67 g system.Missing 0x000001A0 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 65 operating syste 0x000001B0 6D 00 00 00 00 62 7A 99 5D 4E 2A 87 00 00 00 01 m....bz.]N*..... 0x000001C0 01 00 DE 03 3F 04 3F 00 00 00 86 39 01 00 80 19 ..Þ.?.?....9.... 0x000001D0 15 05 07 FE FF FF 00 40 01 00 00 F0 B9 01 00 FE ...þ...@...ð¹..þ 0x000001E0 FF FF 07 FE FF FF 00 30 BB 01 00 30 B5 72 00 00 ...þ...0»..0µr.. 0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª _______MBR \Device\Harddisk1\DR1 0x00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001C0 21 00 07 22 D5 CD 20 00 00 00 E0 8B EE 00 00 00 !.."ÕÍ ...à.î... 0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª
  7. Pedido de análise de log.

    Oi pessoal do forum.baboo. Alguém pode, por favor fazer uma análise do arquivo de log do meu sistema? Já fiz os procedimentos iniciais de verificação de vírus, e limpeza dor arquivos desnecessários do Windows. Gostaria de saber quais arquivos maliciosos estão escondidos em minha máquina, e principalmente Quais programas e serviços eu posso desabilitar, destes que estão inicializando junto com o Windows. Obs: quero deixar iniciando junto com o sistema somente programas e serviços que realmente forem essenciais, importantes. Desde já agradeço pela atenção, à quem puder me ajudar. Muito obrigado Fabiano. Segue o arquivo de log. _______________________________________________________________________ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 02:08:27, on 14/09/2017 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.18792) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Users\Fabua\Documents\programas baixados\pgm HijackThis 2.0.5\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehabn.dll O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~2\TEXTAL~1\TAForIE.dll O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll' missing O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.bancoreal.com.br O15 - Trusted Zone: http://www.bancosantander.com.br O15 - Trusted Zone: http://www.caixa.gov.br O15 - Trusted Zone: http://www.santander.com.br O15 - Trusted Zone: http://www.santanderempresarial.com.br O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4 O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O20 - Winlogon Notify: GbPluginAbn - C:\Program Files (x86)\GbPlugin\gbiehAbn.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe O23 - Service: CyberLink Product - 2012/08/21 17:28:17 (CLKMSVC10_9EC60124) - CyberLink - C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Proteção de Software (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Spyware Terminator 2015 Realtime Shield Service (ST2012_Svc) - Crawler Group, LLC - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe -- End of file - 11465 bytes
×