aninhatrl

virus think point

2 posts in this topic

Hi,

I had the Think Point virus on my computer, so I read the topics about it and used ComboFix. It ran the whole update and apparently the virus is gone, since I can now access the internet and other programs that were blocked. But I need an analysis of the log, as I am a layperson in this subject. How do I do that?

Thanks in advance.

ComboFix 10-11-29.05 - iarh 30/11/2010 10:53:42.1.4 - x86

Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.1015.460 [GMT -2:00]

Executando de: c:\documents and settings\iarh\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\ComboFix.exe

AV: avast! antivírus *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

ADS - system32: deleted 2 bytes in 1 streams.

ADS - drivers: deleted 204 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\autorun.inf

c:\documents and settings\iarh\Dados de aplicativos\completescan

c:\documents and settings\iarh\Dados de aplicativos\hotfix.exe

c:\documents and settings\iarh\Dados de aplicativos\install

c:\Windows\system32\sshnas21.dll

D:\autorun.inf

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_SSHNAS

-------\Service_SSHNAS

(((((((((((((((( Arquivos/Ficheiros criados de 2010-10-28 to 2010-11-30 ))))))))))))))))))))))))))))

.

2010-11-30 12:40 . 2010-11-30 12:34 3982557 ----a-r- c:\documents and settings\iarh\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\ComboFix.exe

2010-11-30 11:05 . 2010-11-30 11:05 178176 ----a-w- c:\Windows\Wpujaa.exe

2010-11-16 13:07 . 2010-11-16 13:07 -------- d-----w- c:\arquivos de programas\ABSVD

2010-11-13 12:12 . 2010-11-13 12:13 -------- d-----w- c:\Windows\ShellNew

2010-11-13 10:10 . 2010-11-13 10:10 -------- d-----w- c:\documents and settings\iarh\Configurações locais\Dados de aplicativos\Identities

2010-11-12 13:58 . 2010-11-12 13:58 -------- d-----w- c:\documents and settings\iarh\Dados de aplicativos\Thinstall

2010-11-12 10:47 . 2007-03-31 10:04 129165278 ----a-w- c:\documents and settings\iarh\Dados de aplicativos\Microsoft\Internet Explorer\Quick Launch\CorelDRAW.exe

2010-11-06 13:37 . 2010-11-06 13:37 103864 ----a-w- c:\arquivos de programas\Mozilla Firefox\plugins\nppdf32.dll

2010-11-06 13:37 . 2010-11-06 13:37 103864 ----a-w- c:\arquivos de programas\Internet Explorer\PLUGINS\nppdf32.dll

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-25 11:02 . 2010-09-06 19:52 45472 ----a-w- c:\Windows\system32\drivers\gbpkm.sys

.

------- Sigcheck -------


[-] 2009-02-09 . FF7FE874B6DA494303EE3DD9B97AB007 . 2070400 . . [5.1.2600.5755] . . c:\Windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe

[-] 2008-04-14 . F84054BFD1D688B901AD907499879BBD . 2070144 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\ntkrnlpa.exe

[-] 2004-08-04 . 31DFE96B6B6FA4C9CA098CEAF21B29A5 . 2019328 . . [5.1.2600.2180] . . c:\Windows\$NtUninstallKB956572$\ntkrnlpa.exe

[-] 2008-04-14 02:20 . 209683D85036AAA4E4D8CA732FA51A2B . 437248 . . [5.1.2400.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\ntmssvc.dll

[-] 2004-08-04 03:45 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\Windows\system32\ntmssvc.dll

[-] 2004-08-04 03:45 . BC0F28B3C2AB6ACDA3361721442E4CB7 . 437248 . . [5.1.2400.2180] . . c:\Windows\system32\dllcache\ntmssvc.dll

[-] 2008-04-14 . E3C0A6F5732C9E9B2BD2FD3D0AFCEB87 . 186368 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\upnphost.dll

[-] 2004-08-04 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\Windows\system32\upnphost.dll

[-] 2004-08-04 . 6E7F6BAEA10965B2065585149DC5E7E6 . 185344 . . [5.1.2600.2180] . . c:\Windows\system32\dllcache\upnphost.dll

[-] 2008-04-14 . 24713AE49611471DF8924D5FF562883D . 367616 . . [5.3.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\dsound.dll

[-] 2004-08-04 . 583C0FB31E40883676779E09587620FF . 367616 . . [5.3.2600.2180] . . c:\Windows\system32\dsound.dll

[-] 2004-08-04 . 583C0FB31E40883676779E09587620FF . 367616 . . [5.3.2600.2180] . . c:\Windows\system32\dllcache\dsound.dll

[-] 2008-04-14 . 22DCF487731B84C57807F85E16044073 . 1689088 . . [5.03.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\d3d9.dll

[-] 2004-08-04 . 7994AEA92DAF7CC66098F0ECF5BDE4C1 . 1689088 . . [5.03.2600.2180] . . c:\Windows\system32\d3d9.dll

[-] 2004-08-04 . 7994AEA92DAF7CC66098F0ECF5BDE4C1 . 1689088 . . [5.03.2600.2180] . . c:\Windows\system32\dllcache\d3d9.dll

[-] 2008-04-14 . B948C29C72073A7B8C9D822C66F9FADA . 279552 . . [5.03.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\ddraw.dll

[-] 2004-08-04 . 55D16097F68A7C961A570855CACFCCCA . 266240 . . [5.03.2600.2180] . . c:\Windows\system32\ddraw.dll

[-] 2004-08-04 . 55D16097F68A7C961A570855CACFCCCA . 266240 . . [5.03.2600.2180] . . c:\Windows\system32\dllcache\ddraw.dll

[-] 2008-04-14 02:20 . 30A6FA4B34A2EC96CDFE2BA3B69233C0 . 84992 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\olepro32.dll

[-] 2004-08-04 03:45 . 53878A6AB006A6FC63B3CFD2404B85A9 . 83456 . . [5.1.2600.2180] . . c:\Windows\system32\olepro32.dll

[-] 2004-08-04 03:45 . 53878A6AB006A6FC63B3CFD2404B85A9 . 83456 . . [5.1.2600.2180] . . c:\Windows\system32\dllcache\olepro32.dll

[-] 2008-04-14 . 84A41B2B978AB366873CDB289118786C . 40960 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\perfctrs.dll

[-] 2004-08-04 . 30B30692A5BC889429887F59ACDA1E8C . 40960 . . [5.1.2600.2180] . . c:\Windows\system32\perfctrs.dll

[-] 2004-08-04 . 30B30692A5BC889429887F59ACDA1E8C . 40960 . . [5.1.2600.2180] . . c:\Windows\system32\dllcache\perfctrs.dll

[-] 2008-04-14 . 5383E4C03D7AAE01AA653E756CF20D2E . 18944 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\version.dll

[-] 2004-08-04 . EDF655E907022DF8006221DFF1C2439A . 18944 . . [5.1.2600.2180] . . c:\Windows\system32\version.dll

[-] 2004-08-04 . EDF655E907022DF8006221DFF1C2439A . 18944 . . [5.1.2600.2180] . . c:\Windows\system32\dllcache\version.dll

[-] 2008-04-14 . 04CABAD69BE78EB9C03CD4346D776DA5 . 93184 . . [6.00.2900.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\iexplore.exe

[-] 2004-08-04 . 69E3202DCB3F4C432262100A2175BDD5 . 93184 . . [6.00.2900.2180] . . c:\Windows\system32\dllcache\iexplore.exe

[-] 2010-02-17 . 124F4EC97A7683D1A67B3AECFE258ABD . 2194176 . . [5.1.2600.5938] . . c:\Windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe

[-] 2010-02-16 . E3AB5BB31F1E60E3E1E6121A85CBE281 . 2185600 . . [5.1.2600.3670] . . c:\Windows\Driver Cache\i386\ntoskrnl.exe

[-] 2010-02-16 . 0821020298A361B905343CE80B5BE2A3 . 2141184 . . [5.1.2600.3670] . . c:\Windows\system32\ntoskrnl.exe

[-] 2010-02-16 . E3AB5BB31F1E60E3E1E6121A85CBE281 . 2185600 . . [5.1.2600.3670] . . c:\Windows\system32\dllcache\ntoskrnl.exe

[-] 2010-02-16 . BB99D86301E766593A9E7398B942DC89 . 2191104 . . [5.1.2600.3670] . . c:\Windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe

[-] 2010-02-16 . 8A47EB27E99109826F8A54BB64BE8131 . 2194304 . . [5.1.2600.5938] . . c:\Windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe

[-] 2009-02-10 . B0BF079AF000D97D8C043D1DFF08086D . 2193408 . . [5.1.2600.5755] . . c:\Windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe

[-] 2009-02-09 . 514F2B2055B58556ACCFEE763E14D78F . 2140160 . . [5.1.2600.3520] . . c:\Windows\$NtUninstallKB979683$\ntoskrnl.exe

[-] 2009-02-09 . AF8A3B4150C87E692E5CD27836BFA83D . 2190336 . . [5.1.2600.3520] . . c:\Windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe

[-] 2009-02-09 . C667CA055AA4E24A0733061282276AA5 . 2193280 . . [5.1.2600.5755] . . c:\Windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe

[-] 2008-04-14 . 185F6C64734019E7E9F626E53CC37FB4 . 2193280 . . [5.1.2600.5512] . . c:\Windows\SoftwareDistribution\Download\f7670e43b3c19680acdc044a1fbe993f\ntoskrnl.exe

[-] 2004-08-04 . 91448D27F6DFAF50DD1D5FD3D8C1F3BD . 2152448 . . [5.1.2600.2180] . . c:\Windows\$NtUninstallKB956572$\ntoskrnl.exe

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\arquivos de programas\Arquivos comuns\Ahead\lib\NMBgMonitor.exe" [2006-03-01 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\Windows\system32\igfxtray.exe" [2008-02-15 135168]

"HotKeysCmds"="c:\Windows\system32\hkcmd.exe" [2008-02-15 159744]

"Persistence"="c:\Windows\system32\igfxpers.exe" [2008-02-15 131072]

"HDAudDeck"="c:\arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-09-25 33517568]

"avast5"="c:\arquiv~1\ALWILS~1\Avast5\avastUI.exe" [2010-01-19 2743104]

"HPUsageTracking"="c:\arquivos de programas\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]

"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\

Microsoft Office.lnk - c:\arquivos de programas\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows nt\currentversion\winlogon\notify\ GbPluginBb]

2010-10-25 10:59 342816 ----a-w- c:\arquivos de programas\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-09-21 02:07 932288 ----a-r- c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2006-01-12 17:40 155648 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Documents and Settings\\iarh\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=

"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=

"c:\\Windows\\system32\\spool\\drivers\\w32x86\\3\\HP1006MC.EXE"=

"c:\\Windows\\system32\\spool\\drivers\\w32x86\\3\\HP1005MC.EXE"=

R0 GbpKm;Gbp KernelMode;c:\Windows\system32\drivers\gbpkm.sys [6/9/2010 17:52 45472]

R1 aswSP;aswSP;c:\Windows\system32\drivers\aswSP.sys [20/1/2010 10:59 162640]

R2 aswFsBlk;aswFsBlk;c:\Windows\system32\drivers\aswFsBlk.sys [20/1/2010 10:59 19024]

R2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [6/9/2010 17:52 55072]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\Windows\system32\drivers\viahduaa.sys [20/1/2010 10:55 874880]

.

Conteúdo da pasta 'Tarefas Agendadas'

2010-11-30 c:\Windows\Tasks\OGALogon.job

- c:\Windows\system32\OGAEXEC.exe [2009-08-03 17:07]

2010-11-30 c:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

- c:\Windows\Wpujaa.exe [2010-11-30 11:05]

.

.

------- Scan Suplementar -------

.

uStart Page = about:blank

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office10\EXCEL.EXE/3000

DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} - hxxps://cpne.bradesco.com.br/certifexp.cab

DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - hxxps://www14.bancobrasil.com.br/plugin/GbpDist.cab

FF - ProfilePath - c:\documents and settings\iarh\Dados de aplicativos\Mozilla\Firefox\Profiles\aoy49wgr.default\

FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\arquivos de programas\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-11-30 10:59

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

HDAudDeck = c:\arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????????????

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(540)

c:\arquivos de programas\GbPlugin\gbieh.dll

- - - - - - - > 'explorer.exe'(3972)

c:\arquivos de programas\GbPlugin\gbieh.dll

c:\arquivos de programas\Scpad\scpLIB.dll

c:\arquivos de programas\Scpad\scpMIB.dll

c:\arquivos de programas\Scpad\sshib.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

c:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

c:\Windows\System32\spool\DRIVERS\W32X86\3\HP1005MC.EXE

c:\Windows\system32\wscntfy.exe

c:\Windows\system32\igfxsrvc.exe

.

**************************************************************************

.

Tempo para conclusão: 2010-11-30 11:03:06 - Máquina reiniciou

ComboFix-quarantined-files.txt 2010-11-30 13:03

Pré-execução: 8 pasta(s) 98.021.113.856 bytes disponíveis

Pós execução: 9 pasta(s) 98.575.945.728 bytes disponíveis

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\Windows

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\Windows="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 337B0674097D7FA40300FF4B3D5FC215

Download Malwarebytes' Anti-Malware (MBAM) or here.

Save or print these instructions:

Double-click mbam-setup.exe, choose the language and, during installation, accept all the default options.

Make sure the Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware boxes are checked, then click Finish.

If there are updates available, they will be downloaded and installed.

When the update finishes, with the program open, select Quick Scan and click the Scan button.

The scan will then start. Please wait, as it may take a while.

When the scan finishes, click OK, then the Show Results button to see the report.

If any items were found, make sure they are all checked and click the Remove button.

At the end of the disinfection, Notepad will open with a log, and a prompt may appear asking whether you want to restart the PC. (See the note below.)

The log is saved automatically by MBAM; to view it, click the Logs tab in the program's main window.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart.

Select, copy and paste the contents of the MBAM log into your next reply, plus a new HijackThis log.



      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14181 bytes
         
    • Type winver in the Run box and post your Windows 10 version... Does your account have administrator rights? If possible, please post a screenshot of the problem...
    • 1. Disable your antivirus and antispyware to avoid conflicts, and keep them disabled until you finish these instructions.
      2. Download AdwCleaner and save it to your Desktop.
      3. Run adwcleaner.exe. Windows 7, 8.1 or 10 users: right-click the adwcleaner.exe icon and select
      4. Click the Verificar (Scan) button and then Limpar (Clean).
      5. Save the log that is created.
      6. Download JRT (Junkware Removal Tool) and save it to your Desktop.
      7. Double-click the JRT file to run it. Windows 7, 8.1 or 10 users: right-click the JRT.exe icon and select
      8. JRT will start scanning your system. Be patient, as it can take a few minutes depending on the number of items examined.
      9. At the end, a new file named JRT.txt will appear on your Desktop and a window will open showing its contents (the JRT log).
      10. Select the entire contents of that log (press CTRL+A), copy it (CTRL+C) and paste it (CTRL+V) into your next reply, together with the AdwCleaner log (item 5 above) and the new HijackThis log.
    • I have the same problem: my notebook isn't charging, but when I put the battery in another computer it charges normally. When I plug my notebook in to charge, it works normally if the battery has charge, but it doesn't charge, even with the little light on and the message saying it is charging.
    • OK, sorry again. I've already edited it and removed it from the quote.
    • Just copy the logs, click Reply just below, and paste them into your reply.
    • Sorry, I think I got confused when I read the posting instructions.
    • ??????????????????????????????????
    • Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 1:19:15 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal
      Running processes:
      C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Program Files (x86)\Hotkey\Hotkey.exe
      C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O1 - Hosts: ::1 tutorial2
      O1 - Hosts: ::1 test2
      O1 - Hosts: ::1 Projetos
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14579 bytes
      Malwarebytes
      www.malwarebytes.com
      -Log Details-
      Scan Date: 5/27/17
      Scan Time: 12:47 PM
      Log File:
      Administrator: Yes
      -Software Information-
      Version: 3.1.2.1733
      Components Version: 1.0.122
      Update Package Version: 1.0.2032
      License: Trial
      -System Information-
      OS: Windows 10
      CPU: x64
      File System: NTFS
      User: LUCAS\Lucas
      -Scan Summary-
      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 514331
      Threats Detected: 0
      (No malicious items detected)
      Threats Quarantined: 0
      (No malicious items detected)
      Time Elapsed: 30 min, 13 sec
      -Scan Options-
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Disabled
      PUM: Disabled
      -Scan Details-
      Process: 0
      (No malicious items detected)
      Module: 0
      (No malicious items detected)
      Registry Key: 0
      (No malicious items detected)
      Registry Value: 0
      (No malicious items detected)
      Registry Data: 0
      (No malicious items detected)
      Data Stream: 0
      (No malicious items detected)
      Folder: 0
      (No malicious items detected)
      File: 0
      (No malicious items detected)
      Physical Sector: 0
      (No malicious items detected)
      (end)
The BABOO site is online to inform and help Windows users. This site was published in 1999 by Aurélio "Baboo", an engineer and one of Brazil's leading Windows specialists, who has worked professionally with this operating system since 1987. Since 2004 he has been recognized annually by Microsoft as an MVP (Most Valuable Professional) for his contribution and help to the community of Windows users.

In 2001 the Fórum do BABOO was created to help Brazilian internet users solve problems and questions about Windows, Security, Office, Hardware and other topics. Since 2010 Microsoft has also recognized Mr.Million, administrator of the Security area of the Fórum do BABOO, for his tireless work helping users remove viruses and malware from their computers. He is currently the only Brazilian MVP for desktop Security.

BABOO is the only Brazilian site coordinated by a specialist internationally recognized for his Windows expertise who takes part daily and actively in the comments and discussions on the BABOO site and forum.