Este fórum foi descontinuado. LEIA AQUI e participe da Comunidade BABOO :)

A área de Remoção de Malwares está aberta na Comunidade BABOO. LEIA AQUI

Ir para conteúdo

lzfred

Participante
  • Postagens

    3
  • Desde

  • Última visita

  1. lzfred

    Notebook lento

    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:47:37, on 29/04/2019 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17689) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files\EPSON Software\Event Manager\EEventManager.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Windows\System32\spool\drivers\w32x86\3\E_TATII2E.EXE C:\Windows\System32\spool\drivers\w32x86\3\E_TATII2E.EXE C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Cleber\Downloads\HijackThis.exe C:\Windows\system32\SearchProtocolHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = YouTube.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={5388482E-E7B1-4219-AFC3-233F677C0059}&mid=c1beb21bc07e47cdb9611151c334e2b8-45a2026c967f5d800fdf3fd63862d8c96ed8029b&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0916tb&pr=fr&d=2015-05-06 11:30:08&v=4.3.5.160&pid=wtu&sg=&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = YouTube.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = YouTube.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe" O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe" O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe" O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [Spotify] C:\Users\Cleber\AppData\Roaming\Spotify\Spotify.exe --autostart O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII2E.EXE /EPT "EPLTarget\P0000000000000000" /M "L210 Series" O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII2E.EXE /EPT "EPLTarget\P0000000000000001" /M "L210 Series" O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\73.0.3683.103\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: QMEmulatorService - Tencent - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Scopus Soluções em TI Ltda - C:\Program Files\scpbrad\scpbradserv.exe O23 - Service: @%SystemRoot%\system32\stlang.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe -- End of file - 8553 bytes Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 29/04/2019 Hora da análise: 20:28 Arquivo de registro: 7971492c-6ad6-11e9-bb5d-a0b3cc79799c.json -Informação do software- Versão: 3.7.1.2839 Versão de componentes: 1.0.586 Versão do pacote de definições: 1.0.10384 Licença: Gratuita -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x86 Sistema de arquivos: NTFS Usuário: Cleber-PC\Cleber -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 186097 Ameaças detectadas: 5 Ameaças em quarentena: 5 Tempo decorrido: 13 min, 27 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 1 Adware.Norassie, HKU\S-1-5-21-2230795732-2137327385-2247328133-1000\SOFTWARE\Norassie, Quarentena, [6826], [361347],1.0.10384 Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 2 PUP.Optional.DoSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\Internet Explorer\MAIN|DEFAULT_SEARCH_URL, Substituído, [1033], [292837],1.0.10384 PUP.Optional.DoSearch.ShrtCln, HKLM\SOFTWARE\MICROSOFT\Internet Explorer\MAIN|SEARCH PAGE, Substituído, [1033], [292837],1.0.10384 Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 2 Generic.Malware/Suspicious, C:\USERS\CLEBER\DOWNLOADS\DOWNLOAD_NETFRAMEWORK-2018-05-16-19-48-02.ZIP, Quarentena, [0], [392686],1.0.10384 PUP.Optional.BundleInstaller, C:\USERS\CLEBER\DOWNLOADS\5585 - POKEMON - BLACK VERSION (DSI ENHANCED)(USA) (E)_2072927949.EXE, Quarentena, [448], [486142],1.0.10384 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end)
  2. lzfred

    Notebook lento

    ~ ZHPCleaner v2019.4.29.56 by Nicolas Coolman (2019/04/29) ~ Run by Cleber (Administrator) (29/04/2019 20:18:33) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\Cleber\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\Cleber\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 7 Professional, 32-bit Service Pack 1 (Build 7601) ---\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. (ADS) ---\ Services (0) ~ No malicious or unnecessary items found. (Service) ---\ Browser internet (1) DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;*.local] =>Hijacker.Proxy ---\ Hosts file (1) ~ The hosts file is legitimate (21) ---\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. (Task) ---\ Explorer ( File, Folder) (29) MOVED file: C:\Users\Cleber\Desktop\PUBG MOBILE.lnk [Bad : C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe](.Tencent.) =>.SUP.Tencent MOVED file: C:\Users\Cleber\Desktop\Tencent Gaming Buddy.lnk [Bad : C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe](.Tencent.) =>.SUP.Tencent MOVED file: C:\Users\Cleber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Tencent Gaming Buddy.lnk [Bad : C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe](.Tencent.) =>.SUP.Tencent MOVED file: C:\Users\Cleber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tencent Gaming Buddy.lnk [Bad : C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe](.Tencent.) =>.SUP.Tencent MOVED file: C:\Windows\Installer\wix{D9F3D66A-9885-4DDD-A800-9DDF488359A1}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\wix{E1DB0812-2D60-43DB-AE09-6C7027D93B28}.SchedServiceConfig.rmi =>.SUP.Empty MOVED file: C:\Windows\Installer\MSI1169.tmp =>.SUP.MSIInstaller MOVED file: C:\Windows\Installer\125247.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\135b3d.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\1584bd2f.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\29d417.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\318ff91.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\522d8c.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\cf5d40.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\fd1e846.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Windows\Installer\fdc095a.msp =>.SUP.Obsolete.Adobe MOVED file: C:\Users\Cleber\Downloads\GameDownload_PUBG_MOBILE_100103_1.0.5226.123.exe [Tencent - Tencent Gaming Buddy - Install] =>.SUP.Tencent MOVED file: C:\Users\Cleber\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe [Tencent - 腾讯游戏云加速下载引擎(旋风Inside)] =>.SUP.Tencent MOVED folder: C:\Program Files\Skillbrains =>.SUP.Skillbrains MOVED folder: C:\ProgramData\Tencent =>.SUP.Tencent MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software =>.SUP.Tencent MOVED folder: C:\Windows\System32\config\systemprofile\AppData\Roaming\Tencent =>.SUP.Tencent MOVED folder: C:\Users\Cleber\AppData\Roaming\Elex-tech =>.SUP.Elex MOVED folder: C:\Users\Cleber\AppData\Roaming\Gameo =>.SUP.IronSourceLtd MOVED folder: C:\Users\Cleber\AppData\Roaming\Tencent =>.SUP.Tencent MOVED folder: C:\Users\Cleber\AppData\Local\Gameo =>.SUP.IronSourceLtd MOVED folder: C:\Users\Cleber\AppData\LocalLow\EmieBrowserModeList =>.SUP.Empty MOVED folder: C:\Users\Cleber\AppData\LocalLow\EmieSiteList =>.SUP.Empty MOVED folder: C:\Users\Cleber\AppData\LocalLow\EmieUserList =>.SUP.Empty ---\ Registry ( Key, Value, Data) (21) DELETED key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [https://mysearch.avg.com/search?cid={5388482E-E7B1-4219-AFC3-233F677C0059}&mid=c1beb21bc07e47cdb9611[...]] [AVG Secure Search] =>PUP.Optional.MySearch DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{700616F2-D878-45F5-BE2F-D5C48881F85C}\\DhcpNameServer [Bad : 181.213.132.2 181.213.132.3] =>Hijacker.Browser DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D0D42ECF-061F-4012-8C44-489943D7E30C}\\DhcpNameServer [Bad : 181.213.132.3 181.213.132.2] =>Hijacker.Browser DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 181.213.132.3 181.213.132.2] =>Hijacker.Browser DELETED key**: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [https://mysearch.avg.com/search?cid={5388482E-E7B1-4219-AFC3-233F677C0059}&mid=c1beb21bc07e47cdb9611151c334e2b8-45a2026c967f5d800fdf3fd63862d8c96ed8029b&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0717tb&pr=fr&d=2015-05-06 11:30:08&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}] =>PUP.Optional.MySearch DELETED key*: HKEY_USERS\S-1-5-21-2230795732-2137327385-2247328133-1000\SOFTWARE\drpsu [] =>.SUP.DriverPack DELETED key*: HKEY_USERS\S-1-5-21-2230795732-2137327385-2247328133-1000\SOFTWARE\SkillBrains [] =>.SUP.Skillbrains DELETED key*: HKEY_USERS\S-1-5-21-2230795732-2137327385-2247328133-1000\SOFTWARE\Tencent [] =>.SUP.Tencent DELETED key**: HKCU\Software\drpsu [] =>.SUP.DriverPack DELETED key**: HKCU\Software\SkillBrains [] =>.SUP.Skillbrains DELETED key**: HKCU\Software\Tencent [] =>.SUP.Tencent DELETED key*: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi [ScriptHelperApi Class] =>Toolbar.Agent DELETED key*: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 [ScriptHelperApi Class] =>Toolbar.Agent DELETED key*: HKLM\SOFTWARE\Skillbrains [] =>.SUP.Skillbrains DELETED key*: HKLM\SOFTWARE\Tencent [] =>.SUP.Tencent DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileGamePC [Tencent Technology Company] =>.SUP.Tencent DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AVG\Zen\ [No Folder] =>.SUP.Obsolete.NoFolder DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{F59B45B8-1E5C-4425-9AEC-EB46161385F7} [C:\Users\Cleber\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe] =>.SUP.Tencent DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{C467B133-AB27-4AD0-99B5-CAD159697C2F} [C:\Users\Cleber\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe] =>.SUP.Tencent DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{80F9A7F7-DE43-4CED-BF62-03B11C1C4944} [C:\Users\Cleber\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe] =>.SUP.Tencent DELETED value: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{7B99783B-1DE4-47A7-9A9A-034814AB5E68} [C:\Users\Cleber\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe] =>.SUP.Tencent ---\ Summary of the elements found (13) https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy https://nicolascoolman.eu/2017/02/23/tencentadressbar/ =>.SUP.Tencent https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.MSIInstaller https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.Adobe https://nicolascoolman.eu/2019/01/sup-skillbrains =>.SUP.Skillbrains https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.SUP.Elex https://www.anti-malware.top/2016/05/02/superfluous-ironsourceltd/ =>.SUP.IronSourceLtd https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.MySearch https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser https://nicolascoolman.eu/2018/07/04/sup-driverpack/ =>.SUP.DriverPack https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>Toolbar.Agent https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.NoFolder ---\ Other deletions. (25) ~ Registry Keys Tracing deleted (25) ~ Remove the old reports ZHPCleaner. (0) ---\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\ Statistics ~ Items scanned : 514 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 12/12 ~ Space saving (bytes) : 0 ~ End of clean in 00h00mn38s ---\ Reports (2) ZHPCleaner-[S]-29042019-20_14_16.txt ZHPCleaner-[R]-29042019-20_19_11.txt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:19:54, on 29/04/2019 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17689) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files\EPSON Software\Event Manager\EEventManager.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Windows\System32\spool\drivers\w32x86\3\E_TATII2E.EXE C:\Windows\System32\spool\drivers\w32x86\3\E_TATII2E.EXE C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Users\Cleber\Downloads\HijackThis.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = YouTube.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={5388482E-E7B1-4219-AFC3-233F677C0059}&mid=c1beb21bc07e47cdb9611151c334e2b8-45a2026c967f5d800fdf3fd63862d8c96ed8029b&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0916tb&pr=fr&d=2015-05-06 11:30:08&v=4.3.5.160&pid=wtu&sg=&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = YouTube.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1427494651&from=cor&uid=HitachiXHTS547564A9E384_J2130053DZV20BDZV20BX&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1427494651&from=cor&uid=HitachiXHTS547564A9E384_J2130053DZV20BDZV20BX&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = YouTube.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe" O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe" O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe" O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [Spotify] C:\Users\Cleber\AppData\Roaming\Spotify\Spotify.exe --autostart O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII2E.EXE /EPT "EPLTarget\P0000000000000000" /M "L210 Series" O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII2E.EXE /EPT "EPLTarget\P0000000000000001" /M "L210 Series" O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\73.0.3683.103\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: QMEmulatorService - Tencent - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Scopus Soluções em TI Ltda - C:\Program Files\scpbrad\scpbradserv.exe O23 - Service: @%SystemRoot%\system32\stlang.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe -- End of file - 8165 bytes
  3. lzfred

    Notebook lento

    Boa noite, há algum tempo meu notebook vem ficando lento, principalmente quando há muitas abas abertas e na inicialização Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:26:50, on 29/04/2019 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17689) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe C:\Program Files\EPSON Software\Event Manager\EEventManager.exe C:\Program Files\AVG\Framework\Common\avguix.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\AVG\antivírus\AVGUI.exe C:\Windows\System32\spool\drivers\w32x86\3\E_TATII2E.EXE C:\Windows\System32\spool\drivers\w32x86\3\E_TATII2E.EXE C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Users\Cleber\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = YouTube.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={5388482E-E7B1-4219-AFC3-233F677C0059}&mid=c1beb21bc07e47cdb9611151c334e2b8-45a2026c967f5d800fdf3fd63862d8c96ed8029b&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0916tb&pr=fr&d=2015-05-06 11:30:08&v=4.3.5.160&pid=wtu&sg=&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = YouTube.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com/web/?type=ds&ts=1427494651&from=cor&uid=HitachiXHTS547564A9E384_J2130053DZV20BDZV20BX&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com/web/?type=ds&ts=1427494651&from=cor&uid=HitachiXHTS547564A9E384_J2130053DZV20BDZV20BX&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = YouTube.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe" O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe" O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [RemoteControl11] "C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe" O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVGUI.exe] "C:\Program Files\AVG\antivírus\AvLaunch.exe" /gui O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [Spotify] C:\Users\Cleber\AppData\Roaming\Spotify\Spotify.exe --autostart O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII2E.EXE /EPT "EPLTarget\P0000000000000000" /M "L210 Series" O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII2E.EXE /EPT "EPLTarget\P0000000000000001" /M "L210 Series" O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files\Google\Chrome\Application\73.0.3683.103\elevation_service.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: QMEmulatorService - Tencent - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe O23 - Service: Componente de Segurança Bradesco (scpbradserv) - Scopus Soluções em TI Ltda - C:\Program Files\scpbrad\scpbradserv.exe O23 - Service: @%SystemRoot%\system32\stlang.dll,-10102 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe -- End of file - 8287 bytes
×
×
  • Criar Novo...