jrata

Computer freezing

11 posts in this topic

Log Analysis Request

I have already carried out all the requested procedures.

I also ran Malwarebytes.

My computer is freezing a lot, and the toolbar disappears or becomes inaccessible.

Here are the logs for analysis:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:02:23, on 08/02/2013
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\System32\slui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
C:\Users\MILTON VILELA 3\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Sicredi - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files\GbPlugin\gbiehscd.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Chew7Hale] "C:\Windows\System32\hale.exe" /nolog
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe --background
O4 - HKCU\..\Run: [Google Update] "C:\Users\MILTON VILELA 3\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\MILTON VILELA 3\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - Global Startup: HP Digital Imaging Monitor.lnk = HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://cmt.caixa.gov.br
O15 - Trusted Zone: ibpj.sicredi.com.br
O15 - Trusted Zone: si-plg.sicredi.com.br
O15 - Trusted Zone: www.sicredi.com.br
O15 - Trusted Zone: internet.sicreditotal.com.br
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://si-plg.sicredi.com.br/Cab/GbpDist.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=1007
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginScd - C:\Program Files\GbPlugin\gbiehScd.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! antivírus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Gbp Service (GbpSv) -   - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files\Scpad\scpVista.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
 
--
End of file - 10028 bytes
 
 
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Versão da Base de Dados:  v2013.02.08.06
 
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
MILTON VILELA 3 :: MILTONVILELA3 [administrador]
 
08/02/2013 14:48:57
mbam-log-2013-02-08 (14-48-57).txt
 
Tipo de Verificação:  Verificação Rápida 
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos  | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados:  223916
Tempo decorrido: 6 minuto(s), 55 segundo(s)
 
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
 
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
 
Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
 
Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)
 
(fim)
 
 
Thank you.


Disable your antivirus, antispyware and firewall to avoid conflicts. Keep them disabled until you finish the instructions.

Download ComboFix

Save it to your Desktop (for the tool to run correctly, it must be on the Desktop).

Close all windows and programs.

You must be connected during the ComboFix procedure;

Run combofix.exe and press "Yes" to proceed. Wait, as it takes a while.

NOTE: If you do not want the Windows Recovery Console to be installed, click "No" and then agree so that the scan can proceed.

When the Console is installed, the operating system selection screen will be shown at system startup.

More information about the Console: http://support.micro...kb/307654/pt-br

ComboFix will restart the PC automatically to complete the removal process. If that does not happen, restart manually.

When it finishes, a log will be generated at C:\ComboFix.txt. Select, copy and paste the contents of ComboFix.txt into your next reply, plus a new HijackThis log.

IMPORTANT: Do not use the mouse or the keyboard while ComboFix is running. To stop or exit ComboFix, press "N".

NOTE 2: Do not run ComboFix more than once. Doing so will overwrite the log and make it harder to remove the malware.

If any error occurs, restart the computer in Safe Mode (press the F8 key repeatedly, or F5 in some cases, during startup) and repeat the procedure.



MVP Mr.Million


When I run ComboFix, the following window appears with a message, asking me to press OK:

 

Warning!

Do not run Combofix in Compatibility Mode.

Doing so may damage the machine.

Edited by Mr.Million


So that your post does not get too long by including a quote of my post, do not use the post's Reply button; use the editor below the topic or click Full Editor.

Download the Kaspersky Virus Removal Tool.

You will be taken to a Kaspersky page asking for an email address for registration, a first name and a last name. Only the "email" field is required.

Enter your email and then click the Submit Form button.

The page will reload. Click the Download button.

Save it to your Desktop.

Double-click the "setup" file and wait for the installation;

On the next screen, check I accept the licence agreement and click Start

Click the f4uZX.png button and check:

  • My Computer
  • Local Disk (C:) (the local disk letter may vary)
Click Actions and check both boxes (if they are not already checked):

Zqewdl.jpg

- Click the Automatic Scan tab and wait for the scan to finish.

- Click the AouIc.png button, then Detected threats, and then the "Save" button.

- Copy the contents of the saved file (if anything was detected) and post it in your next reply.



MVP Mr.Million


Good evening.

I am not able to run Kaspersky.

In 2 hours, it hangs at 4% and does not progress.

I disabled my antivirus and the firewall, but it did not help.

The Kaspersky I managed to download was version 10, because 11 gives a page error.

Thank you.


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:19:37, on 10/02/2013

Platform: Windows 7  (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16448)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Windows\System32\hale.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Windows\System32\cmd.exe

C:\Windows\system32\conhost.exe

C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe

C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\MILTON VILELA 3\Downloads\HijackThis.exe

C:\Windows\system32\cmd.exe

C:\Users\MILTON VILELA 3\AppData\Local\Temp\A10F.tmp\crc32.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll

O2 - BHO: G-Buster Browser Defense Sicredi - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files\GbPlugin\gbiehscd.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [Chew7Hale] "C:\Windows\System32\hale.exe" /nolog

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe --background

O4 - HKCU\..\Run: [Google Update] "C:\Users\MILTON VILELA 3\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\MILTON VILELA 3\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

O4 - Global Startup: HP Digital Imaging Monitor.lnk = HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O15 - Trusted Zone: http://cmt.caixa.gov.br

O15 - Trusted Zone: ibpj.sicredi.com.br

O15 - Trusted Zone: si-plg.sicredi.com.br

O15 - Trusted Zone: www.sicredi.com.br

O15 - Trusted Zone: internet.sicreditotal.com.br

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://si-plg.sicredi.com.br/Cab/GbpDist.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=1007

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O20 - Winlogon Notify:  GbPluginScd - C:\Program Files\GbPlugin\gbiehScd.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Unknown owner - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! antivírus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe

O23 - Service: Gbp Service (GbpSv) -   - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files\Scpad\scpVista.exe

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

 

--

End of file - 9921 bytes

 

 

I could not post the Norman log, but it found 17 supposed infections.


So that your post does not get too long by including a quote of my post, do not use the post's "Quote" button; use the editor below the topic or click Full Editor.

Disable your antivirus, antispyware and firewall to avoid conflicts. Keep them disabled until you finish the instructions.

Download bouton-telecharger.png. Save it to the Desktop.

Run adwcleaner.exe

NOTE: Windows Vista or Windows 7 users should right-click the file and select: Run as administrator

AdwCleanerCustom-1.jpg

Click [Delete]

Save the log that is created.

Download 1268r49.png. Save it to your Desktop.

Double-click to run the Junkware Removal Tool (JRT)

* On Windows Vista and Windows 7:

Right-click JRT.exe and select run_as_adm1.png

The tool will start scanning your system. Be patient, as it may take a while depending on the number of items to be examined.

At the end, a log will open and be saved on the Desktop with the name JRT.txt.

Select, copy and paste the contents of this log into your next reply, plus the AdwCleaner log and a new HijackThis log.



MVP Mr.Million


Good afternoon.

Here are the requested logs:

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:30:06, on 13/02/2013
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal
 
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\GbPlugin\GbpSv.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\hale.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\cmd.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\HPSIsvc.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Scpad\scpVista.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_168_ActiveX.exe
C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\explorer.exe
C:\Windows\system32\notepad.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\MILTON VILELA 3\Downloads\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
O2 - BHO: G-Buster Browser Defense Sicredi - {C41A1C0E-EA6C-11D4-B1B8-444553540011} - C:\Program Files\GbPlugin\gbiehscd.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Chew7Hale] "C:\Windows\System32\hale.exe" /nolog
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF 5\vspdfprsrv.exe --background
O4 - HKCU\..\Run: [Google Update] "C:\Users\MILTON VILELA 3\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\MILTON VILELA 3\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://cmt.caixa.gov.br
O15 - Trusted Zone: ibpj.sicredi.com.br
O15 - Trusted Zone: si-plg.sicredi.com.br
O15 - Trusted Zone: www.sicredi.com.br
O15 - Trusted Zone: internet.sicreditotal.com.br
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://si-plg.sicredi.com.br/Cab/GbpDist.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com//activex/ractrl.cab?lmi=1007
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginScd - C:\Program Files\GbPlugin\gbiehScd.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! antivírus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Gbp Service (GbpSv) -   - C:\PROGRA~1\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files\Scpad\scpVista.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
 
--
End of file - 12069 bytes
 
 
# AdwCleaner v2.112 - Relatório criado em 13/02/2013 às 17:03:51
# Atualizado em 10/02/2013 por Xplode
# Sistema Operacional : Windows 7 Ultimate  (32 bits)
# Usuário : MILTON VILELA 3 - MILTONVILELA3
# Modo de Boot : Normal
# Executado de : C:\Users\MILTON VILELA 3\Desktop\adwcleaner0.exe
# Opção [Remover]
 
 
***** [serviços] *****
 
 
***** [Arquivos/Pastas] *****
 
Arquivo Removido : C:\Users\MILTON VILELA 3\AppData\Local\funmoods-speeddial.crx
 
***** [Registro] *****
 
Chave Removida : HKCU\Software\InstallCore
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Removida : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Chave Removida : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Chave Removida : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Removida : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
 
***** [Navegadores] *****
 
-\\ Internet Explorer v9.0.8112.16448
 
Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEtD0Azy0BtA0BtA0F0FyCtN0D0Tzu0StByEtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=501509553 --> hxxp://www.google.com
 
-\\ Google Chrome v24.0.1312.57
 
Arquivo : C:\Users\MILTON VILELA 3\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
Removida [l.14] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?affID=17265&tt=3012_2", "ab[...]
Removida [l.2221] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/home?affID=17265&tt=3012_2", "about[...]
 
*************************
 
AdwCleaner[s1].txt - [2171 octets] - [13/02/2013 17:03:51]
 
########## EOF - C:\AdwCleaner[s1].txt - [2231 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Windows 7 Ultimate x86
Ran by MILTON VILELA 3 on 13/02/2013 at 17:23:46,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\Internet Explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\Internet Explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\Internet Explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/02/2013 at 17:26:16,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Thank you.


The PC still isn't great, but it has improved a little.

When I have some time I'm going to format it.

Thanks for your attention.

Thank you.

Edited by jrata

  • NOVIDADES DO SITE BABOO

  • Posts

    • Utilizando: Windows 10 Home Single 1607 64bits Office Pro Plus 2013 >>> Estava criando um documento (em .docx) a partir de vários outros docs que tenho. Inclui um rodapé numerado. Tudo estava ok até a página 30 quando algumas páginas depois percebi que a visualização da numeração tinha sido interrompida em uma pág e recomeçado em outra. Como recupero a sequência?
    • Opa Proberio, cursos tem muitos por ai, mais bons mesmo, como você já deve saber são poucos. Estou fazendo um curso que estou achando muito bom. A didática do professor é muito boa. Ensina muitas coisas do básico ao avançado. Dê uma conferida em http://www.notebooksemsegredo.com.br/ e veja o que acha. Eu to achando esse curso ótimo. Ensina coisas como Regravação de BIOS e BGA, entre outros assuntos que não é comum de encontrar por ai. Até mais,
    • MBRScan v1.1.1 OS             : Windows 8  (64 bit) PROCESSOR      : Intel64 Family 6 Model 58 Stepping 9, GenuineIntel BOOT           : Normal Boot DATE           : 2017/02/27 (ISO 8601) at 09:38:58 ________________________________________________________________________________ Device\Harddisk0\DR0    931.5 Go  [Fixed] ==> Unknown MBR Code ==> PARTITION TABLE FAKED !! MBR_MD5   : CC5302A24F97C64E4622A8B0E560C656 MBR_SHA1  : 47626CEB20ABB6FCD62897A2EA76BD5A2F785B6E Device\Harddisk0\Partition1    2.00 To      0xEE EFI GPT[1]  ________________________________________________________________________________ ############################### Additional scan ################################ DRIVER  : C:\Windows\system32\ntoskrnl.exe => Invisible on the disk ADDRESS : 0xE9A78000 SIZE    : 8.13 Mo DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk ADDRESS : 0xE9A03000 SIZE    : 468.0 Ko DRIVER  : C:\Windows\system32\kd.dll => Invisible on the disk ADDRESS : 0xE89ED000 SIZE    : 44.0 Ko DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk ADDRESS : 0xDCCD0000 SIZE    : 568.0 Ko DRIVER  : C:\Windows\System32\drivers\werkernel.sys => Invisible on the disk ADDRESS : 0xDCD60000 SIZE    : 64.0 Ko DRIVER  : C:\Windows\System32\drivers\CLFS.SYS => Invisible on the disk ADDRESS : 0xDCD70000 SIZE    : 396.0 Ko DRIVER  : C:\Windows\System32\drivers\tm.sys => Invisible on the disk ADDRESS : 0xDC600000 SIZE    : 148.0 Ko DRIVER  : C:\Windows\System32\drivers\FLTMGR.SYS => Invisible on the disk ADDRESS : 0xDC660000 SIZE    : 392.0 Ko DRIVER  : C:\Windows\System32\drivers\msrpc.sys => Invisible on the disk ADDRESS : 0xDC6D0000 SIZE    : 372.0 Ko DRIVER  : C:\Windows\System32\drivers\ksecdd.sys => Invisible on the disk ADDRESS : 0xDC730000 SIZE    : 160.0 Ko DRIVER  : C:\Windows\System32\drivers\clipsp.sys => Invisible on the disk ADDRESS : 0xDC760000 SIZE    : 704.0 Ko DRIVER  : C:\Windows\System32\drivers\cmimcext.sys => Invisible on the 
disk ADDRESS : 0xDC810000 SIZE    : 52.0 Ko DRIVER  : C:\Windows\System32\drivers\ntosext.sys => Invisible on the disk ADDRESS : 0xDC820000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk ADDRESS : 0xDC830000 SIZE    : 640.0 Ko DRIVER  : C:\Windows\System32\drivers\cng.sys => Invisible on the disk ADDRESS : 0xDC8D0000 SIZE    : 632.0 Ko DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk ADDRESS : 0xDC970000 SIZE    : 848.0 Ko DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk ADDRESS : 0xDCA50000 SIZE    : 76.0 Ko DRIVER  : C:\Windows\System32\Drivers\acpiex.sys => Invisible on the disk ADDRESS : 0xDCA70000 SIZE    : 140.0 Ko DRIVER  : C:\Windows\System32\Drivers\WppRecorder.sys => Invisible on the disk ADDRESS : 0xDCAA0000 SIZE    : 56.0 Ko DRIVER  : C:\Windows\System32\drivers\ACPI.sys => Invisible on the disk ADDRESS : 0xDCAB0000 SIZE    : 716.0 Ko DRIVER  : C:\Windows\System32\drivers\WMILIB.SYS => Invisible on the disk ADDRESS : 0xDCB70000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\System32\drivers\intelpep.sys => Invisible on the disk ADDRESS : 0xDCB80000 SIZE    : 68.0 Ko DRIVER  : C:\Windows\system32\drivers\WindowsTrustedRT.sys => Invisible on the disk ADDRESS : 0xDCBA0000 SIZE    : 124.0 Ko DRIVER  : C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys => Invisible on the disk ADDRESS : 0xDCBC0000 SIZE    : 44.0 Ko DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk ADDRESS : 0xDCBD0000 SIZE    : 72.0 Ko DRIVER  : C:\Windows\System32\drivers\msisadrv.sys => Invisible on the disk ADDRESS : 0xDCBF0000 SIZE    : 44.0 Ko DRIVER  : C:\Windows\System32\drivers\pci.sys => Invisible on the disk ADDRESS : 0xDCC00000 SIZE    : 348.0 Ko DRIVER  : C:\Windows\System32\drivers\vdrvroot.sys => Invisible on the disk ADDRESS : 0xDCC60000 SIZE    : 72.0 Ko DRIVER  : C:\Windows\system32\drivers\pdc.sys => Invisible on the disk ADDRESS : 0xDCC80000 SIZE    : 132.0 Ko DRIVER  : 
C:\Windows\system32\drivers\CEA.sys => Invisible on the disk ADDRESS : 0xDCCB0000 SIZE    : 100.0 Ko DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk ADDRESS : 0xDDDA0000 SIZE    : 144.0 Ko DRIVER  : C:\Windows\System32\drivers\spaceport.sys => Invisible on the disk ADDRESS : 0xDCE00000 SIZE    : 564.0 Ko DRIVER  : C:\Windows\System32\drivers\volmgr.sys => Invisible on the disk ADDRESS : 0xDCE90000 SIZE    : 96.0 Ko DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk ADDRESS : 0xDCEB0000 SIZE    : 376.0 Ko DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk ADDRESS : 0xDCF10000 SIZE    : 120.0 Ko DRIVER  : C:\Windows\System32\drivers\storahci.sys => Invisible on the disk ADDRESS : 0xDCF30000 SIZE    : 144.0 Ko DRIVER  : C:\Windows\System32\drivers\storport.sys => Invisible on the disk ADDRESS : 0xDCF60000 SIZE    : 520.0 Ko DRIVER  : C:\Windows\System32\drivers\EhStorClass.sys => Invisible on the disk ADDRESS : 0xDCFF0000 SIZE    : 112.0 Ko DRIVER  : C:\Windows\System32\drivers\fileinfo.sys => Invisible on the disk ADDRESS : 0xDD010000 SIZE    : 100.0 Ko DRIVER  : C:\Windows\System32\Drivers\Wof.sys => Invisible on the disk ADDRESS : 0xDD030000 SIZE    : 224.0 Ko DRIVER  : C:\Windows\System32\Drivers\NTFS.sys => Invisible on the disk ADDRESS : 0xDD070000 SIZE    : 2.20 Mo DRIVER  : C:\Windows\system32\drivers\gbpddreg64.sys => Invisible on the disk ADDRESS : 0xDD2B0000 SIZE    : 44.0 Ko DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk ADDRESS : 0xDD2C0000 SIZE    : 52.0 Ko DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk ADDRESS : 0xDD2D0000 SIZE    : 1.16 Mo DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk ADDRESS : 0xDD400000 SIZE    : 484.0 Ko DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk ADDRESS : 0xDD480000 SIZE    : 192.0 Ko DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on 
the disk ADDRESS : 0xDD4B0000 SIZE    : 2.47 Mo DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk ADDRESS : 0xDD730000 SIZE    : 420.0 Ko DRIVER  : C:\Windows\System32\drivers\wfplwfs.sys => Invisible on the disk ADDRESS : 0xDD7A0000 SIZE    : 168.0 Ko DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk ADDRESS : 0xDD7D0000 SIZE    : 652.0 Ko DRIVER  : C:\Windows\System32\drivers\volume.sys => Invisible on the disk ADDRESS : 0xDD880000 SIZE    : 44.0 Ko DRIVER  : C:\Windows\System32\drivers\volsnap.sys => Invisible on the disk ADDRESS : 0xDD890000 SIZE    : 400.0 Ko DRIVER  : C:\Windows\System32\Drivers\SmartDefragDriver.sys => Invisible on the disk ADDRESS : 0xDD900000 SIZE    : 32.0 Ko DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk ADDRESS : 0xDD910000 SIZE    : 288.0 Ko DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk ADDRESS : 0xDD960000 SIZE    : 148.0 Ko DRIVER  : C:\Windows\system32\drivers\iorate.sys => Invisible on the disk ADDRESS : 0xDD990000 SIZE    : 64.0 Ko DRIVER  : C:\Windows\System32\drivers\disk.sys => Invisible on the disk ADDRESS : 0xDD9B0000 SIZE    : 120.0 Ko DRIVER  : C:\Windows\System32\drivers\CLASSPNP.SYS => Invisible on the disk ADDRESS : 0xDD9D0000 SIZE    : 392.0 Ko DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk ADDRESS : 0xDDA60000 SIZE    : 100.0 Ko DRIVER  : C:\Windows\System32\drivers\cdrom.sys => Invisible on the disk ADDRESS : 0xDDB40000 SIZE    : 196.0 Ko DRIVER  : C:\Windows\system32\drivers\filecrypt.sys => Invisible on the disk ADDRESS : 0xDDB80000 SIZE    : 116.0 Ko DRIVER  : C:\Windows\system32\drivers\tbs.sys => Invisible on the disk ADDRESS : 0xDDBA0000 SIZE    : 56.0 Ko DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk ADDRESS : 0xDDBB0000 SIZE    : 40.0 Ko DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk ADDRESS : 0xDDBC0000 SIZE    : 40.0 Ko DRIVER  
: C:\Windows\System32\drivers\BasicDisplay.sys => Invisible on the disk ADDRESS : 0xDDBD0000 SIZE    : 80.0 Ko DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk ADDRESS : 0xDDBF0000 SIZE    : 80.0 Ko DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk ADDRESS : 0xDEC10000 SIZE    : 2.12 Mo DRIVER  : C:\Windows\System32\drivers\BasicRender.sys => Invisible on the disk ADDRESS : 0xDEE30000 SIZE    : 72.0 Ko DRIVER  : C:\Windows\system32\drivers\wsddfac.sys => Invisible on the disk ADDRESS : 0xDEE50000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk ADDRESS : 0xDEE60000 SIZE    : 100.0 Ko DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk ADDRESS : 0xDEE80000 SIZE    : 64.0 Ko DRIVER  : C:\Windows\system32\drivers\gbpddfac64.sys => Invisible on the disk ADDRESS : 0xDEE90000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk ADDRESS : 0xDEEA0000 SIZE    : 140.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk ADDRESS : 0xDEED0000 SIZE    : 64.0 Ko DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk ADDRESS : 0xDEEE0000 SIZE    : 300.0 Ko DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk ADDRESS : 0xDEF30000 SIZE    : 596.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\wsddntf.sys => Invisible on the disk ADDRESS : 0xDEFD0000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\System32\drivers\vwififlt.sys => Invisible on the disk ADDRESS : 0xDEFE0000 SIZE    : 100.0 Ko DRIVER  : C:\Windows\System32\drivers\pacer.sys => Invisible on the disk ADDRESS : 0xDE400000 SIZE    : 172.0 Ko DRIVER  : C:\Windows\system32\drivers\netbios.sys => Invisible on the disk ADDRESS : 0xDE430000 SIZE    : 72.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk ADDRESS : 0xDE450000 SIZE    : 468.0 Ko DRIVER  : C:\Windows\system32\drivers\wsddpp.sys => Invisible on the 
disk ADDRESS : 0xDE520000 SIZE    : 36.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\VBoxUSBMon.sys => Invisible on the disk ADDRESS : 0xDE530000 SIZE    : 152.0 Ko DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk ADDRESS : 0xDE560000 SIZE    : 68.0 Ko DRIVER  : C:\Windows\System32\drivers\npsvctrig.sys => Invisible on the disk ADDRESS : 0xDE580000 SIZE    : 52.0 Ko DRIVER  : C:\Windows\System32\drivers\mssmbios.sys => Invisible on the disk ADDRESS : 0xDE590000 SIZE    : 64.0 Ko DRIVER  : C:\Windows\System32\drivers\gpuenergydrv.sys => Invisible on the disk ADDRESS : 0xDE5B0000 SIZE    : 40.0 Ko DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk ADDRESS : 0xDE5C0000 SIZE    : 168.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\ahcache.sys => Invisible on the disk ADDRESS : 0xDE610000 SIZE    : 252.0 Ko DRIVER  : C:\Windows\System32\drivers\kdnic.sys => Invisible on the disk ADDRESS : 0xDE670000 SIZE    : 56.0 Ko DRIVER  : C:\Windows\System32\drivers\umbus.sys => Invisible on the disk ADDRESS : 0xDE680000 SIZE    : 84.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk ADDRESS : 0xDE6A0000 SIZE    : 3.72 Mo DRIVER  : C:\Windows\System32\drivers\HECIx64.sys => Invisible on the disk ADDRESS : 0xDEA60000 SIZE    : 76.0 Ko DRIVER  : C:\Windows\System32\drivers\usbehci.sys => Invisible on the disk ADDRESS : 0xDEA80000 SIZE    : 112.0 Ko DRIVER  : C:\Windows\System32\drivers\USBPORT.SYS => Invisible on the disk ADDRESS : 0xDEAA0000 SIZE    : 472.0 Ko DRIVER  : C:\Windows\System32\drivers\HDAudBus.sys => Invisible on the disk ADDRESS : 0xDEB20000 SIZE    : 108.0 Ko DRIVER  : C:\Windows\System32\drivers\portcls.sys => Invisible on the disk ADDRESS : 0xDEB40000 SIZE    : 388.0 Ko DRIVER  : C:\Windows\System32\drivers\drmk.sys => Invisible on the disk ADDRESS : 0xDEBB0000 SIZE    : 132.0 Ko DRIVER  : C:\Windows\System32\drivers\ks.sys => Invisible on the disk ADDRESS : 0xDDC10000 SIZE    : 416.0 Ko DRIVER  : 
C:\Windows\System32\drivers\intelppm.sys => Invisible on the disk ADDRESS : 0xDEBE0000 SIZE    : 172.0 Ko DRIVER  : C:\Windows\System32\drivers\wmiacpi.sys => Invisible on the disk ADDRESS : 0xDE5F0000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\System32\drivers\NdisVirtualBus.sys => Invisible on the disk ADDRESS : 0xDE600000 SIZE    : 52.0 Ko DRIVER  : C:\Windows\System32\drivers\swenum.sys => Invisible on the disk ADDRESS : 0xDDD70000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\System32\drivers\iwdbus.sys => Invisible on the disk ADDRESS : 0xDDD80000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\System32\drivers\rdpbus.sys => Invisible on the disk ADDRESS : 0xDDD90000 SIZE    : 56.0 Ko DRIVER  : C:\Windows\System32\drivers\usbhub.sys => Invisible on the disk ADDRESS : 0xDE160000 SIZE    : 512.0 Ko DRIVER  : C:\Windows\System32\drivers\USBD.SYS => Invisible on the disk ADDRESS : 0xDE1E0000 SIZE    : 56.0 Ko DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk ADDRESS : 0xE0A40000 SIZE    : 56.0 Ko DRIVER  : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk ADDRESS : 0xE0A50000 SIZE    : 364.0 Ko DRIVER  : C:\Windows\System32\drivers\hidusb.sys => Invisible on the disk ADDRESS : 0xE0AB0000 SIZE    : 68.0 Ko DRIVER  : C:\Windows\System32\drivers\HIDCLASS.SYS => Invisible on the disk ADDRESS : 0xE0AD0000 SIZE    : 188.0 Ko DRIVER  : C:\Windows\System32\drivers\HIDPARSE.SYS => Invisible on the disk ADDRESS : 0xE0B00000 SIZE    : 72.0 Ko DRIVER  : C:\Windows\System32\drivers\mouhid.sys => Invisible on the disk ADDRESS : 0xE0B20000 SIZE    : 60.0 Ko DRIVER  : C:\Windows\System32\drivers\mouclass.sys => Invisible on the disk ADDRESS : 0xE0B30000 SIZE    : 72.0 Ko DRIVER  : C:\Windows\System32\drivers\usbccgp.sys => Invisible on the disk ADDRESS : 0xE0B50000 SIZE    : 192.0 Ko DRIVER  : C:\Windows\System32\drivers\kbdhid.sys => Invisible on the disk ADDRESS : 0xE0BB0000 SIZE    : 64.0 Ko DRIVER  : C:\Windows\System32\drivers\kbdclass.sys => Invisible 
on the disk ADDRESS : 0xE0BC0000 SIZE    : 76.0 Ko DRIVER  : C:\Windows\system32\Drivers\RtsUer.sys => Invisible on the disk ADDRESS : 0xDF600000 SIZE    : 420.0 Ko DRIVER  : C:\Windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk ADDRESS : 0xDF680000 SIZE    : 60.0 Ko DRIVER  : C:\Windows\System32\Drivers\dump_storahci.sys => Invisible on the disk ADDRESS : 0xDF6C0000 SIZE    : 144.0 Ko DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk ADDRESS : 0xDF710000 SIZE    : 116.0 Ko DRIVER  : C:\Windows\System32\win32kbase.sys => Invisible on the disk ADDRESS : 0xAC400000 SIZE    : 1.50 Mo DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk ADDRESS : 0xDFC40000 SIZE    : 412.0 Ko DRIVER  : C:\Windows\System32\drivers\monitor.sys => Invisible on the disk ADDRESS : 0xDFCB0000 SIZE    : 64.0 Ko DRIVER  : C:\Windows\System32\drivers\dxgmms2.sys => Invisible on the disk ADDRESS : 0xDFCC0000 SIZE    : 668.0 Ko DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk ADDRESS : 0xAC590000 SIZE    : 40.0 Ko DRIVER  : C:\Windows\system32\drivers\wcifs.sys => Invisible on the disk ADDRESS : 0xDFD70000 SIZE    : 128.0 Ko DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk ADDRESS : 0xDFD90000 SIZE    : 152.0 Ko DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk ADDRESS : 0xDFDC0000 SIZE    : 1.07 Mo DRIVER  : C:\Windows\system32\drivers\storqosflt.sys => Invisible on the disk ADDRESS : 0xDFEE0000 SIZE    : 100.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\gzflt.sys => Invisible on the disk ADDRESS : 0xDFF00000 SIZE    : 208.0 Ko DRIVER  : C:\Windows\system32\drivers\wcnfs.sys => Invisible on the disk ADDRESS : 0xDFF40000 SIZE    : 88.0 Ko DRIVER  : C:\Windows\System32\drivers\registry.sys => Invisible on the disk ADDRESS : 0xDFF60000 SIZE    : 96.0 Ko DRIVER  : C:\Windows\system32\drivers\lltdio.sys => Invisible on the disk ADDRESS : 0xDFF90000 SIZE    : 88.0 Ko DRIVER  
: C:\Windows\system32\drivers\mslldp.sys => Invisible on the disk ADDRESS : 0xDFFB0000 SIZE    : 96.0 Ko DRIVER  : C:\Windows\system32\drivers\rspndr.sys => Invisible on the disk ADDRESS : 0xDFFD0000 SIZE    : 104.0 Ko DRIVER  : C:\Windows\System32\DRIVERS\wanarp.sys => Invisible on the disk ADDRESS : 0xDFFF0000 SIZE    : 108.0 Ko DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk ADDRESS : 0xE0010000 SIZE    : 120.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk ADDRESS : 0xE0030000 SIZE    : 136.0 Ko DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk ADDRESS : 0xE0060000 SIZE    : 100.0 Ko DRIVER  : C:\Windows\System32\drivers\condrv.sys => Invisible on the disk ADDRESS : 0xE0080000 SIZE    : 72.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk ADDRESS : 0xE00A0000 SIZE    : 468.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk ADDRESS : 0xE0120000 SIZE    : 236.0 Ko DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk ADDRESS : 0xE0160000 SIZE    : 272.0 Ko DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk ADDRESS : 0xE01B0000 SIZE    : 720.0 Ko DRIVER  : C:\Windows\system32\drivers\mmcss.sys => Invisible on the disk ADDRESS : 0xE0270000 SIZE    : 80.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk ADDRESS : 0xE0290000 SIZE    : 308.0 Ko DRIVER  : C:\Windows\system32\drivers\npf.sys => Invisible on the disk ADDRESS : 0xE02E0000 SIZE    : 48.0 Ko DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk ADDRESS : 0xE02F0000 SIZE    : 776.0 Ko DRIVER  : C:\Windows\system32\drivers\Ndu.sys => Invisible on the disk ADDRESS : 0xE03C0000 SIZE    : 152.0 Ko DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk ADDRESS : 0xE03F0000 SIZE    : 560.0 Ko DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk 
ADDRESS : 0xE0480000 SIZE    : 80.0 Ko DRIVER  : C:\Windows\system32\Drivers\SSPORT.sys => Invisible on the disk ADDRESS : 0xE04A0000 SIZE    : 32.0 Ko DRIVER  : C:\Windows\system32\drivers\wsddprm.sys => Invisible on the disk ADDRESS : 0xDF770000 SIZE    : 36.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\TRUFOS.sys => Invisible on the disk ADDRESS : 0xDF7F0000 SIZE    : 480.0 Ko DRIVER  : C:\Windows\System32\drivers\rdpvideominiport.sys => Invisible on the disk ADDRESS : 0xDF8F0000 SIZE    : 52.0 Ko DRIVER  : C:\Windows\system32\drivers\qwavedrv.sys => Invisible on the disk ADDRESS : 0xDF9B0000 SIZE    : 72.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\usbscan.sys => Invisible on the disk ADDRESS : 0xDFBE0000 SIZE    : 76.0 Ko DRIVER  : C:\Windows\System32\drivers\usbprint.sys => Invisible on the disk ADDRESS : 0xDFC00000 SIZE    : 60.0 Ko DRIVER  : C:\Windows\system32\DRIVERS\cdfs.sys => Invisible on the disk ADDRESS : 0xDF8D0000 SIZE    : 120.0 Ko DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk ADDRESS : 0xAC910000 SIZE    : 256.0 Ko DRIVER  : C:\Windows\System32\drivers\rt640x64.sys => Invisible on the disk ADDRESS : 0xDDC80000 SIZE    : 928.0 Ko DRIVER  : C:\Windows\System32\drivers\tunnel.sys => Invisible on the disk ADDRESS : 0xDFB10000 SIZE    : 188.0 Ko DRIVER  : C:\Windows\system32\drivers\RTKVHD64.sys => Invisible on the disk ADDRESS : 0xE04C0000 SIZE    : 5.50 Mo BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020) SystemStartOptions :  NOEXECUTE=OPTIN  NOVGA ________________________________________________________________________________ _______MBR   \Device\Harddisk0\DR0   0x00000000   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................ 0x00000010   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................ 0x00000020   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................ 0x00000030   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................ 
      Farbar Service Scanner Version: 27-01-2016
      Ran by Recepção (administrator) on 27-02-2017 at 09:44:32
      Running from "C:\Users\Recepção\Desktop"
      Microsoft Windows 10 Home Single Language  (X64)
      Boot Mode: Normal
      ****************************************************************
      Internet Services:
      ============
      Connection Status:
      ==============
      Localhost is accessible.
      LAN connected.
      Google IP is accessible.
      Google.com is accessible.
      Yahoo.com is accessible.
      Windows Firewall:
      =============
      Firewall Disabled Policy: 
      ==================
      System Restore:
      ============
      System Restore Policy: 
      ========================
      Security Center:
      ============
      Windows Update:
      ============
      Windows Autoupdate Disabled Policy: 
      ============================
      Windows Defender:
      ==============
      WinDefend Service is not running. Checking service configuration:
      The start type of WinDefend service is set to Demand. The default start type is Auto.
      The ImagePath of WinDefend service is OK.
      Windows Defender Disabled Policy: 
      ==========================
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
      "DisableAntiSpyware"=DWORD:1
      Other Services:
      ==============
      File Check:
      ========
      C:\Windows\System32\nsisvc.dll => File is digitally signed
      C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
      C:\Windows\System32\drivers\afd.sys => File is digitally signed
      C:\Windows\System32\drivers\tdx.sys => File is digitally signed
      C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
      C:\Windows\System32\dnsrslvr.dll => File is digitally signed
      C:\Windows\System32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\System32\mpssvc.dll => File is digitally signed
      C:\Windows\System32\bfe.dll => File is digitally signed
      C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
      C:\Windows\System32\SDRSVC.dll => File is digitally signed
      C:\Windows\System32\vssvc.exe => File is digitally signed
      C:\Windows\System32\wscsvc.dll => File is digitally signed
      C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
      C:\Windows\System32\wuaueng.dll => File is digitally signed
      C:\Windows\System32\qmgr.dll => File is digitally signed
      C:\Windows\System32\es.dll => File is digitally signed
      C:\Windows\System32\cryptsvc.dll => File is digitally signed
      C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
      C:\Windows\System32\svchost.exe => File is digitally signed
      C:\Windows\System32\rpcss.dll => File is digitally signed
      **** End of log ****
    • Friend, download MbrScan.exe by Eric_71 > save it to the desktop. Double-click to run the tool. Click the Scan button. When the scan finishes, click the Report button. A Notepad window will open with the scan result. It is saved on the desktop under the name MbrScan.log. Select, copy and paste its contents into your next reply. Download Farbar Service Scanner and save it to the desktop. Run the tool. In addition to the checkboxes that are already ticked by default, tick the following:
      Windows Firewall, System Restore, Security Center/Action Center, Windows Update, Windows Defender

      Click Scan and wait for the scan to finish. At the end a log called FSS.txt will be generated, saved in the same directory as FSS, that is, on the desktop. Select, copy and paste its contents into your next reply.
    • Is it asking for a password or the Windows serial? I ask because it was a bit confusing, since you said you tried with the one from the notebook... If possible, post the exact error message or even a screenshot....
    • Please, I'm asking for help with the PC... since Friday it has been terribly, terribly slow; today I tried to browse and nothing... everything is messed up, everything freezes, nothing responds.
      Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 09:20:13, on 27/02/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0000)
      Boot mode: Normal
      Running processes:
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
      C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
      C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
      C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
      C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
      C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
      C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
      C:\Windows\SysWOW64\cmd.exe
      C:\Windows\SysWOW64\schtasks.exe
      C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
      C:\Windows\SysWOW64\cmd.exe
      C:\Windows\SysWOW64\schtasks.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Users\Recepção\AppData\Roaming\uTorrent\updates\3.4.9_43085.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Users\Recepção\AppData\Roaming\uTorrent\updates\updates\3.4.9_43085\utorrentie.exe
      C:\Users\Recepção\AppData\Roaming\uTorrent\updates\updates\3.4.9_43085\utorrentie.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Users\Recepção\Downloads\HijackThis.exe
      C:\Program Files (x86)\IObit\Driver Booster\FaultFixes.exe
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=
      O1 - Hosts: 192.99.197.31 wxsda.com
      O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
      O2 - BHO: IObit Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
      O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
      O2 - BHO: G-Buster Browser Defense BMB - {C41A1C0E-EA6C-11D4-B1B8-444553540001} - C:\Program Files (x86)\GbPlugin\gbiehbmb.dll
      O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
      O2 - BHO: IObit Ads Removal - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll
      O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
      O4 - HKLM\..\Run: [Intel AppUp(R) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
      O4 - HKLM\..\Run: [Cobian Backup 10 Interface] "C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe" -service
      O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
      O4 - HKCU\..\Run: [Advanced SystemCare 10] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Recepção\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Recepção\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Recepção\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Recepção\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
      O4 - Global Startup: Samsung Network PC Fax.lnk = C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
      O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: www.bancobrasil.com.br
      O15 - Trusted Zone: www14.bancobrasil.com.br
      O15 - Trusted Zone: www2.bancobrasil.com.br
      O15 - Trusted Zone: aapj.bb.com.br
      O15 - Trusted Zone: seg.bb.com.br
      O15 - Trusted Zone: www.bb.com.br
      O15 - Trusted Zone: http://www.bb.com.br
      O15 - Trusted Zone: bdu.bmb.com.br
      O15 - Trusted Zone: http://www.caixa.gov.br
      O15 - Trusted Zone: cloud.gastecnologia.com.br
      O15 - Trusted Zone: *.mercantil.com.br
      O15 - Trusted Zone: *.mercantildobrasil.com.br
      O16 - DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} - 
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O20 - Winlogon Notify:  GbPluginBmb - C:\Program Files (x86)\GbPlugin\gbiehBmb.dll
      O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
      O23 - Service: Cobian Backup 10 (CobianBackup10) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 10\cbService.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: Fleet Admin Pro Management Application (Fleet Admin Pro) - Unknown owner - C:\Program Files (x86)\Samsung Network Printer Utilities\Fleet Admin Pro\UniThruTargetPlatform\unithru.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
      O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
      O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
      O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
      O23 - Service: PDF Architect 4 Manager - © pdfforge GmbH. - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
      O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
      O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
      O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Skdaemon Service (Sks8821) - Unknown owner - C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
      --
      End of file - 15026 bytes
       
    • Without a backup computer, you have few choices. One option is to clone another Windows system to make a bootable CD and restore it to your PC, but your C drive data and programs may be lost.
    • Hi everyone, does anyone use just the Windows firewall, or can you recommend one for me, please? Not Comodo; that software is one of the biggest pests that can exist on the internet.
    • I've heard a lot about that keyboard. Did you try moving it to another USB port and having Windows detect it again?
    • Hi! Do you use Windows' own app to change the wallpaper? I've never used it, but it really is very strange for a powerful notebook like that to freeze. Did it have a virus? Could something have been left behind?
The BABOO site is online to inform and help Windows users. The site was published in 1999 by Aurélio "Baboo", an engineer and one of the leading Brazilian Windows specialists, who has worked professionally with this operating system since 1987. Since 2004 he has been awarded annually by Microsoft as an MVP (Most Valuable Professional) for his contribution and help to the Windows user community.

In 2001 the Fórum do BABOO was created to help Brazilian internet users solve problems and questions about Windows, Security, Office, Hardware and other topics. Since 2010 Microsoft has also recognized Mr.Million, administrator of the Security area of the Fórum do BABOO, for his tireless work helping internet users remove viruses and malware from their computers. He is currently the only Brazilian MVP for desktop Security.

BABOO is the only Brazilian site coordinated by a specialist with international recognition for his Windows expertise, who participates daily and actively in the comments and discussions of the BABOO site and forum.