Conteúdo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Fundo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Desenho: Liso Onda Linha Retalho Madeira Rocha Couro Colméia Vertical Triângulo
Bem-vindo ao Fórum do BABOO!

Desde 2000 o Fórum do BABOO tem ajudado milhões de internautas de Windows a resolverem seus problemas e dúvidas, além de ajudar na remoção de vírus e malwares de seus computadores. Somos o único fórum brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows, então se você tem uma dúvida ou problema que nenhum outro fórum resolve, poste-a aqui pois o MVP Babooadora desafios!
  

O Fórum do BABOO também conta com a participação exclusiva do administrador da área de Segurança MVP Mr.Million que tem reconhecimento internacional da Microsoft pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Se o seu computador está infectado por algum vírus, ele te ajudará a removê-lo!
  

Nosso time de especialistas também inclui Patropi  Osvaldomp  Caze  Ciro-Mota  XERLOUCO ROUMS  Tatha que responderão suas dúvidas sobre diversos assuntos.
 

Participe da nossa comunidade! 

 

Entre para seguir isso  
Seguidores 0
zinhoooriginal

Computador infectado

13 posts neste tópico

Bom dia colegas,fiz todo o procedimento e gostaria se possível que analisassem meu Log, pois meu Note está muito lento e abrindo páginas de Vírus o tempo todo,segue Log conforme orientação:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:14:14, on 11/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWoW64\cmd.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\HijackThis.exe
C:\Windows\SysWoW64\NOTEPAD.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noblockingweb.com/wpad.dat?1ceea4cfe30f1ef3daedef55f2551c4f23003854
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\J.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OSDownloaderUpdate] "C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe" "sleep"
O4 - HKCU\..\Run: [OSDownloader] "C:\Program Files (x86)\OSDownloader\OSDownloader.exe" AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\3reedom Connection Manager\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 17505 bytes
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia!

Baixe o Malwarebytes Anti-Malware (MBAM) e salve ou imprima estas instruções:

1. Execute o MBAM e prossiga com a instalação até chegar na tela abaixo. Você deve desmarcar a opção Ativar trial gratuito do Malwarebytes Anti-Malware Pro 

desclicar-mbam.png

2. O programa de instalação será finalizado e o MBAM será executado e automaticamente atualizará o seu banco de dados. Enquanto ele faz isso, clique no menu Configurações > Detecção e proteção (à esquerda) e clique na opção Procurar rootkits. Verifique também se as duas opções mostradas abaixo estão ambas configuradas como Tratar detecções como malware:

tratar-deteccoes.png

3. Clique no menu Painel para voltar à tela principal e clique no botão Verificar. O MBAM iniciará a verificação de malwares no seu computador. Essa tarefa pode demorar bastante se houverem muitos arquivos. Aguarde a finalização de todos os processos. Se no final o MBAM detectou algum malware, inicialmente clique na opção Salvar resultados > escolha a opção Arquivo de texto (*.txt) > Salve o arquivo:

salvar-txt.png

Agora clique no botão Remover selecionados para as ameaças serem removidas. 

Se o MBAM encontrar arquivos que não podem ser removidos, ele solicitará a reinicialização do computador (talvez mais de uma vez). Se isso acontecer, reinicie o computador imediatamente.

4. Agora abra o arquivo que você salvou no item anterior.  Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com um novo Log do HiJackThis .



MVP Mr.Million

Compartilhar este post


Link para o post
Compartilhar em outros sites

Segue:

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 11/01/17
Hora da análise: 09:56
Arquivo de registro: 
Administrador: Sim

-Informação do software-
Versão: 3.0.5.1299
Versão de componentes: 1.0.43
Versão do pacote de definições: 1.0.978
Licença: Versão de avaliação

-Informação do sistema-
Sistema operacional: Windows 10
CPU: x64
Sistema de arquivos: NTFS
Usuário: JPNOTE\J.P

-Resumo da análise-
Tipo de análise: Análise de Ameaças
Resultado: Concluído
Objetos verificados: 489033
Tempo decorrido: 9 min, 46 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 1
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Nenhuma ação do usuário, [132], [-1],0.0.0

Valor de registro: 5
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-2723134861-882596846-4248002994-1001\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, Nenhuma ação do usuário, [132], [356708],1.0.978
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-2723134861-882596846-4248002994-1001\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, Nenhuma ação do usuário, [132], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Nenhuma ação do usuário, [132], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-2723134861-882596846-4248002994-1001\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Nenhuma ação do usuário, [132], [-1],0.0.0
Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Nenhuma ação do usuário, [132], [-1],0.0.0

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 0
(Nenhum item malicioso detectado)

Setor físico: 0
(Nenhum item malicioso detectado)


(end)

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:36, on 11/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWoW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\SysWoW64\NOTEPAD.EXE
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\J.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OSDownloaderUpdate] "C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe" "sleep"
O4 - HKCU\..\Run: [OSDownloader] "C:\Program Files (x86)\OSDownloader\OSDownloader.exe" AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\3reedom Connection Manager\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 17589 bytes
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções.

2. Faça download do AdwCleaner e salve-o na sua Área de Trabalho (desktop)

3. Execute o adwcleaner.exe

Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do adwcleaner.exe e selecione  executar-como-administrador.png

adwcleaner.png

4. Clique no botão Verificar e depois em Limpar

5. Salve o Log criado

6. Faça download do JRT (Junkware Removal Tool) e salve-o na sua Área de Trabalho

7. Dê um duplo-clique no arquivo JRT para executá-lo

Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do JRT.exe e selecione  executar-como-administrador.png

8. O JRT começará o exame do seu Sistema. Tenha paciência pois pode demorar alguns minutos dependendo da quantidades de itens examinados

9. No final um novo arquivo JRT.txt aparecerá na sua Área de Trabalho e uma janela se abrirá com o conteúdo deste arquivo (log do JRT)

10. Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com o Log do AdwCleaner (item 5 acima) e o novo log do HijackThis



MVP Mr.Million

Compartilhar este post


Link para o post
Compartilhar em outros sites

Segue:

# AdwCleaner v6.042 - Relatório criado 11/01/2017 às 11:45:59
# *Updated on 06/01/2017 by Malwarebytes
# Banco de dados : 2017-01-11.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language  (X64)
# Usuário : J.P - JPNOTE
# Executando de : C:\Users\J.P\Desktop\AdwCleaner.exe
# *Mode: Scan
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****

*No malicious services found.


***** [ Pastas ] *****

Encontrado C:\Users\J.P\AppData\Local\YSearchUtil


***** [ Arquivos ] *****

*No malicious files found.


***** [ DLL ] *****

*No malicious DLLs found.


***** [ WMI ] *****

*No malicious keys found.


***** [ Atalhos ] *****

Procurando por atalhos infectados ...


***** [ Tarefas agendadas ] *****

*No malicious task found.


***** [ Registro ] *****

Encontrado HKCU\Software\Microsoft\Internet Explorer\DOMStorage\colorask.com
Encontrado HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.torrentz.colorask.com
Encontrado [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\colorask.com
Encontrado [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.torrentz.colorask.com


***** [ Navegadores ] *****

Procurando por itens do registro 
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://search.conduit.com/?ctid=CT3325592&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPC953A994-C2D6-40A2-B850
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://search.babylon.com/?affID=110823&tt=120912_ccp_3812_8&babsrc=HP_ss&mntrId=18f28271000000000000001d19efde55
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchfunmoods.com/?f=1&a=01543&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0AyB0FzztAtD0AtDyCtCyEtN0D0Tzu0CyEyEzytN1L2XzutBtFt
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchfunmoods.com/?f=1&a=1543n&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0AyB0FzztAtD0A0ByEyByEtN0D0Tzu0CyDyByCtN1L2XzutBtFt
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://search.iminent.com/?appId=2C9193E3-DBC6-4A28-816D-A428312C2151
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0EtDzy0E0AyDyByCtN0D0Tzu0SzztCtBtN1L2XzutBtF
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0EtDzy0E0AyDyByCtN0D0Tzu0SzztCtBtN1L2XzutBtF
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.awesomehp.com/?type=hp&ts=1395513602&from=pcm&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.sweet-page.com/?type=hp&ts=1395514369&from=cor&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.sweet-page.com/?type=hp&ts=1395515612&from=cor&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://br.hao123.com/?tn=incore_pay_hp_05_hao123_br
*Chromium pref Found: [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=0EF38EFFEB19E131B74F1B2509B8A195&v=20160301&ts=AHEpBnMoA3MoAE..

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [3783 *Bytes] - [11/01/2017 11:45:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3857 *Bytes] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home Single Language x64 
Ran by J.P (Administrator) on 11/01/2017 at 11:54:53,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 5 

Successfully deleted: C:\ProgramData\osdownloader (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\J.P\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_J.P (Task)
Successfully deleted: C:\Program Files (x86)\osdownloader (Folder) 

Registry: 2 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497 (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3} (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/01/2017 at 12:26:27,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:02:56, on 11/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWoW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\J.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OSDownloaderUpdate] "C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe" "sleep"
O4 - HKCU\..\Run: [OSDownloader] "C:\Program Files (x86)\OSDownloader\OSDownloader.exe" AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\3reedom Connection Manager\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 16919 bytes
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

1 hora atrás, zinhoooriginal disse:

# AdwCleaner v6.042 - Relatório criado 11/01/2017 às 11:45:59
# *Updated on 06/01/2017 by Malwarebytes
# Banco de dados : 2017-01-11.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language  (X64)
# Usuário : J.P - JPNOTE
# Executando de : C:\Users\J.P\Desktop\AdwCleaner.exe
# *Mode: Scan
# Apoio : https://www.malwarebytes.com/support

É pra usar LIMPAR e postar o Log do AdwCleaner



MVP Mr.Million

Compartilhar este post


Link para o post
Compartilhar em outros sites

Perdão,eu tinha copiado o Log errado,segue:

 

# AdwCleaner v6.042 - Relatório criado 11/01/2017 às 11:47:59
# *Updated on 06/01/2017 by Malwarebytes
# Banco de dados : 2017-01-11.1 [Servidor]
# Sistema operacional : Windows 10 Home Single Language  (X64)
# Usuário : J.P - JPNOTE
# Executando de : C:\Users\J.P\Desktop\AdwCleaner.exe
# Limpar
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****

***** [ Pastas ] *****

[-] RestauradoC:\Users\J.P\AppData\Local\YSearchUtil


***** [ Arquivos ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Atalhos ] *****

***** [ Tarefas agendadas ] *****

***** [ Registro ] *****

[-] RestauradoHKCU\Software\Microsoft\Internet Explorer\DOMStorage\colorask.com
[-] RestauradoHKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.torrentz.colorask.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\colorask.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.torrentz.colorask.com


***** [ Verificando navegadores ... ] *****

[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://search.conduit.com/?ctid=CT3325592&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=5&UP=SPC953A994-C2D6-40A2-B850-9D0231340228&SSPV=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://search.babylon.com/?affID=110823&tt=120912_ccp_3812_8&babsrc=HP_ss&mntrId=18f28271000000000000001d19efde55
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://searchfunmoods.com/?f=1&a=01543&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0AyB0FzztAtD0AtDyCtCyEtN0D0Tzu0CyEyEzytN1L2XzutBtFtBtFtCtFyDtCyDtN1L1CzutDtCyDyE&cr=649340180&ir=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://searchfunmoods.com/?f=1&a=1543n&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0AyB0FzztAtD0A0ByEyByEtN0D0Tzu0CyDyByCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1CzutCyDyE&cr=1021918151&ir=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://search.iminent.com/?appId=2C9193E3-DBC6-4A28-816D-A428312C2151
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0EtDzy0E0AyDyByCtN0D0Tzu0SzztCtBtN1L2XzutBtFtCzztFyCtFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2StA0E0BtC0E0DzytAtGtDzytAtAtGyByB0C0EtG0FtDzy0DtGtCtD0E0FyBtB0AtC0EtC0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBtAzy0CtA0DyEtG0CyBzzyEtG0A0CzyyEtG0F0BtDzztGyD0A0EyByDyByDtB0CyEyEyC2Q&cr=432758003&ir=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://searchfunmoods.com/?f=1&a=pc0102&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0CyB0EtDzy0E0AyDyByCtN0D0Tzu0SzztCtBtN1L2XzutBtFtCzztFyCtFtDtN1L1Czu1E1RtDtCtDtBtN1L1G1B1V1N2Y1L1Qzu2StBtB0DyE0DyD0A0EtGtBtAzy0CtG0C0CyByCtGyBtA0C0DtGtAyE0DzytD0Czz0CyB0EtA0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBtAzy0CtA0DyEtG0CyBzzyEtG0A0CzyyEtG0F0BtDzztGyD0A0EyByDyByDtB0CyEyEyC2Q&cr=105808977&ir=
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://www.awesomehp.com/?type=hp&ts=1395513602&from=pcm&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://www.sweet-page.com/?type=hp&ts=1395514369&from=cor&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://www.sweet-page.com/?type=hp&ts=1395515612&from=cor&uid=ST9500325AS_5VEW2AYBXXXX5VEW2AYB
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://br.hao123.com/?tn=incore_pay_hp_05_hao123_br
[-] [C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Excluídohxxp://www.yessearches.com/?mode=nnnb&ptid=wak&uid=0EF38EFFEB19E131B74F1B2509B8A195&v=20160301&ts=AHEpBnMoA3MoAE..


*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4144 *Bytes] - [11/01/2017 11:47:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [3945 *Bytes] - [11/01/2017 11:45:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4292 *Bytes] ##########
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções.

2. Faça download do Zoek e execute-o.

3. Copie as linhas abaixo (selecione-as e tecle CTRL+C) e cole (CTRL+V) no espaço do Zoek:

createsrpoint;
autoclean;
resetieproxy;
resethosts;
iedefaults;
chrdefaults;
emptyCHRcache;
ffdefaults;
firefoxlook;
emptyalltemp;
shortcutfix;

4. Feche todos os navegadores e clique em Run Script:

zoek-run.png

Durante o Scan a mensagem abaixo será apresentada. Seja paciente e aguarde o término da execução do script pois a análise pode demorar alguns minutos..

zoek-executando.PNG

5. Caso seja solicitada a reinicialização do computador, faça isso clicando em OK

6.  O Zoek abrirá uma janela com o resultado da análise. Poste o conteúdo dessa janela e também um novo Log do HijackThis.

ZOEK



MVP Mr.Million

Compartilhar este post


Link para o post
Compartilhar em outros sites

Seguem Logs:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:15:12, on 11/01/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\3reedom Connection Manager\UIMain.exe
C:\Program Files (x86)\3reedom Connection Manager\CMUpdater.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\3reedom Connection Manager\UIExec.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\J.P\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [OSDownloaderUpdate] "C:\Program Files (x86)\OSDownloader\OSDownloaderUpdate.exe" "sleep"
O4 - HKCU\..\Run: [OSDownloader] "C:\Program Files (x86)\OSDownloader\OSDownloader.exe" AutoStart
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\J.P\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F418A0558D832A2F494D8D0D97004497] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk = ?
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: aapj.bb.com.br
O15 - Trusted Zone: seg.bb.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: cloud.gastecnologia.com.br
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACC3866A-C9FB-4BDA-99E1-DFDF9DAF0B3E}: NameServer = 201.10.128.2 201.10.120.2
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Printer Dianostics Service - Unknown owner - C:\Windows\system32\\spdsvc.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\3reedom Connection Manager\AssistantServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: WD Rules (WDRulesService) - Western Digital  - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 17417 bytes
 

 


Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by J.P on 11/01/2017 at 16:05:09,25.
Microsoft Windows 10 Home Single Language 10.0.14393  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\J.P\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

11/01/2017 16:07:59 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 

# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 

# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 

# For example: 

#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\EAInstaller deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\IDM deleted successfully
C:\PROGRA~3\ProductData deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\Administrador\AppData\LocalLow deleted successfully
C:\Users\Administrador\AppData\Local\ActiveSync deleted successfully
C:\Users\J.P\AppData\Local\ActiveSync deleted successfully
C:\Users\J.P\AppData\Local\CrashDumps deleted successfully
C:\Users\J.P\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2723134861-882596846-4248002994-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{50BD9674-014A-4879-9A4C-3CED93E78338} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted
C:\PROGRA~2\Universal Extractor deleted
C:\NetworkCfg.xml deleted
C:\HijackThis.exe deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\tasks\ASC9_PerformanceMonitor deleted
C:\Users\Public\Desktop\OSDownloader.lnk deleted
"C:\Windows\Installer\4ac89.msi" deleted
"C:\Users\J.P\AppData\Roaming\MPC-HC" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [28/12/2016 07:04]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [28/12/2016 07:04]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[13/06/2016 11:18]
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[11/02/2016 10:49]
kpdmjodecdegfglgaapafjleomjjlpnh - No path found[]
ngpampappnmepgilojfohadhhmbhlaek - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[11/02/2016 10:49]

Google Cast - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd
Videostream for Google Chromecastâ„¢ - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
browse-by-netflixers - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpojaaaadkmgcgafajaapmehnenjflp
McAfee® WebAdvisor - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
MagicScroll eBook Reader - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble
IDM Integration Module - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek
Chrome Media Router - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Google Cast - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd
Videostream for Google Chromecastâ„¢ - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
browse-by-netflixers - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\efpojaaaadkmgcgafajaapmehnenjflp
McAfee® WebAdvisor - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
MagicScroll eBook Reader - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble
IDM Integration Module - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek
Chrome Media Router - J.P\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&PC=MAARJS
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&PC=MAARJS
HKCU\SearchScopes "DefaultScope"="{A52FF9F7-79F8-4E87-8001-20B41DBC13A3}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{A52FF9F7-79F8-4E87-8001-20B41DBC13A3} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&PC=MAARJS

==== Reset Google Chrome ======================

C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\J.P\Desktop\api.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\api.dll 
C:\Users\J.P\Desktop\fsui.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\fsui.dll 
C:\Users\J.P\Desktop\Internet Download Manager.lnk - C:\Program Files (x86)\Internet Download Manager\IDMan.exe 
C:\Users\J.P\Desktop\KMPlayer.lnk - C:\KMPlayer\KMPlayer.exe 
C:\Users\J.P\Desktop\main.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\main.dll 
C:\Users\J.P\Desktop\Media Player Classic - HC.lnk - C:\Program Files (x86)\XP Codec Pack\mpc-hc\mpc-hc.exe 
C:\Users\J.P\Desktop\Spotify.lnk - C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\J.P\Desktop\UniExtract.exe - Atalho.lnk - C:\Program Files (x86)\Universal Extractor\UniExtract.exe 
C:\Users\J.P\Desktop\api.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\api.dll 
C:\Users\J.P\Desktop\fsui.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\fsui.dll 
C:\Users\J.P\Desktop\Internet Download Manager.lnk - C:\Program Files (x86)\Internet Download Manager\IDMan.exe 
C:\Users\J.P\Desktop\KMPlayer.lnk - C:\KMPlayer\KMPlayer.exe 
C:\Users\J.P\Desktop\main.dll - Atalho.lnk - C:\Users\J.P\Desktop\FSX\SP1_with_crack\Crack for SP1\main.dll 
C:\Users\J.P\Desktop\Media Player Classic - HC.lnk - C:\Program Files (x86)\XP Codec Pack\mpc-hc\mpc-hc.exe 
C:\Users\J.P\Desktop\Spotify.lnk - C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\J.P\Desktop\UniExtract.exe - Atalho.lnk - C:\Program Files (x86)\Universal Extractor\UniExtract.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\3reedom Connection Manager.lnk - C:\Program Files (x86)\3reedom Connection Manager\UIMain.exe 
C:\Users\Public\Desktop\Acer Backup Manager.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe 
C:\Users\Public\Desktop\Acrobat Reader DC.lnk - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\Advanced SystemCare 9.lnk -  
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe 
C:\Users\Public\Desktop\BlueSoleil.lnk - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe 
C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\hpqDTSS.exe 
C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe 
C:\Users\Public\Desktop\Diagnóstico da impressora Samsung.lnk -  
C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk - C:\Program Files (x86)\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe 
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Public\Desktop\Help and Support.lnk -  
C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe 
C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk - C:\Program Files (x86)\HP\Diagnostics\PSDR\HPPSDr.exe 
C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /p 2
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 
C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\McAfee Total Protection .lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui
C:\Users\Public\Desktop\Microsoft Flight Simulator 2004.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe 
C:\Users\Public\Desktop\MV RegClean 6.9.lnk - C:\Program Files (x86)\Marcos Velasco Security\MV RegClean 6.9\MVREGCLEAN.EXE 
C:\Users\Public\Desktop\Prático Artigo.lnk -  
C:\Users\Public\Desktop\Prático TCC.lnk -  
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe 
C:\Users\Public\Desktop\WD Drive Utilities.lnk - C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe 
C:\Users\Public\Desktop\WD Security.lnk - C:\Program Files (x86)\Western Digital\WD Security\WDDriveSecurity.exe 
C:\Users\Public\Desktop\WinSCP.lnk - C:\Program Files (x86)\WinSCP\WinSCP.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=BR586FB3MB05XK;CONNECTION=USB;MONITOR=1;
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\J.P\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series (Copy 1).lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 2540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=BR586FB3MB05XK;CONNECTION=USB;MONITOR=1;
C:\Users\J.P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk - C:\Program Files (x86)\WinSCP\WinSCP.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3reedom Connection Manager\3reedom Connection Manager.lnk - C:\Program Files (x86)\3reedom Connection Manager\UIMain.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3reedom Connection Manager\Uninstall.lnk - C:\Windows\SysWOW64\SupportAppCB\EXETimer.exe "C:\Windows\SysWoW64\SupportAppCB\Uninstall.bat"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files\7-Zip\7zFM.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files\7-Zip\7-zip.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Advanced SystemCare 9.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Atualização HP.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 2540 series\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\Desinstalar HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\uninst.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /p 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files (x86)\Java\jdk1.7.0_45\bin\jmc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files (x86)\Malwarebytes\Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Total Protection .lnk - C:\Program Files (x86)\Common Files\mcafee\Platform\McUICnt.exe /desktopicon /platui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Flight Instructor.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe /INSTRUCTOR
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Microsoft Flight Simulator 2004 Readme.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Readme.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Microsoft Flight Simulator 2004.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Uninstall Microsoft Flight Simulator 2004.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE /runtemp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Troubleshooting\Configuration Support.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\Config\ConfigSupport.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Troubleshooting\Reset Defaults.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe -RESETINI
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Microsoft Flight Simulator 2004\Troubleshooting\Safe Mode.lnk - E:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe -SWREND
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Ajuda do Microsoft Xbox 360 Accessories.lnk - C:\Program Files (x86)\Microsoft Xbox 360 Accessories\Xboxhelp.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Status do Microsoft Xbox 360 Accessories.lnk - C:\Program Files (x86)\Microsoft Xbox 360 Accessories\XBoxStat.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories\Verificar se Há Atualizações.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Diagnóstico da impressora Samsung.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Order Supplies.lnk - C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Printer Manager.lnk - C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Wireless Setup.lnk - C:\Program Files (x86)\Samsung\Samsung Easy Wireless Setup\SEInstall\Setup\bin\SSWSPExe.exe /MSamsung /P"Easy Wireless Setup"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Printer Center.lnk - C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Uninstall Samsung Printer Software.lnk - C:\Program Files (x86)\Samsung\TotalUninstaller\TotalUninstaller.exe /N"Samsung" /REMOVE_ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Update Software.lnk - C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe /J_Update /Target "PRINT_COMMON_SW"

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\OSDownloader.lnk - C:\Program Files (x86)\OSDownloader\OSDownloader.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk - C:\Program Files (x86)\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk - C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AcerCloud Docs.lnk - C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 9.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Media.lnk - C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Photo.lnk - C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Flight Simulator®.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Videostream for Google Chromecast™.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\OSDownloader.lnk - C:\Program Files (x86)\OSDownloader\OSDownloader.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk - C:\Program Files (x86)\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk - C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AcerCloud Docs.lnk - C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 9.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Media.lnk - C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Photo.lnk - C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Flight Simulator®.lnk -  
C:\Users\J.P\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Videostream for Google Chromecast™.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\J.P\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\J.P\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=222 folders=22 33602706 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\J.P\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 11/01/2017 at 20:07:03,53 ======================
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Ok, o PC está limpo (Y)
Finalizando.......
Limpe a Restauração do Sistema, criando um Ponto de Restauração do sistema limpo.
Clique com o botão direito do mouse em cima do MEU COMPUTADOR > Propiedades > Proteção do Sistema > Configurar > Excluir. Ainda em Proteção do Sistema > Criar.


MVP Mr.Million

Compartilhar este post


Link para o post
Compartilhar em outros sites

Entre para seguir isso  
Seguidores 0

  • NOVIDADES DO SITE BABOO

  • Posts

    • Pessoal. bom dia. Tenho interesse em comprar um notebook da Asus.  A minha necessidade é criar no virtual box, Windows, linux, servidores de ambos e outros os para teste. Eu não jogo nenhum game.  (mesmo assim vale uma placa dedicada?) Tenho até 2.200 para isso. Não tenho necessidade de ssd. Tenho interesse em um asus core i 5 (5 ou 6) geração, hd de 1 tera, tela no minimo 14, 8 gb de ram( mas que seja expansivel até 16gb)   Pensei nesse . Se puderem me ajudar. Muito obrigado     notebook Asus Z450UA-WX003T com Intel® Core™ i5-6200U, 8GB, 1TB, Gravador de DVD, Leitor de Cartões, HDMI, Wireless, Bluetooth, LED 14" 
    • Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 19:37:25, on 21/02/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.9600.18123)
      Boot mode: Normal Running processes:
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\SHARMAQ\SHOficina\SHBackUp.exe
      C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
      C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
      C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
      C:\Windows\SysWOW64\ACEngSvr.exe
      C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
      C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
      C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
      C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
      C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
      C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
      C:\Users\NOT\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE12&ocid=UE12DHP
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=userinit.exe
      O1 - Hosts: 23.13.171.66 guardiao.itau.com.br # GbPlugin
      O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
      O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
      O4 - HKCU\..\Run: [BatteryCare] C:\Program Files (x86)\BatteryCare\BatteryCare.exe
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\NOT\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP
      O4 - HKCU\..\Run: [SHBackUp3] C:\SHARMAQ\SHOficina\SHBackUp.exe
      O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: www.google.com.br
      O15 - Trusted Zone: www.itau.b.br
      O15 - Trusted Zone: *.itau.b.br
      O15 - Trusted Zone: bankline.itau.com.br
      O15 - Trusted Zone: banklineplus.itau.com.br
      O15 - Trusted Zone: clickbanking.itau.com.br
      O15 - Trusted Zone: guardiao.itau.com.br
      O15 - Trusted Zone: www.itau.com.br
      O15 - Trusted Zone: http://www.itau.com.br
      O15 - Trusted Zone: *.itau.com.br
      O15 - Trusted Zone: www.itaupersonnalite.com.br
      O15 - Trusted Zone: http://www.itaupersonnalite.com.br
      O17 - HKLM\System\CCS\Services\Tcpip\..\{22D3C863-0496-49CB-B4EB-BE7C4760C712}: NameServer = 8.8.8.8,8.8.4.4
      O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O20 - Winlogon Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
      O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
      O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
      O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 9656 bytes
        Agradeço desde ja
    • Ola, boa noite não estou conseguindo excluir esses arquivos que baixei do pacote office 2016. já tentei de tudo ate reiniciei para configuração de fabrica, mesmo assim não adiantou o antivírus que eu tenho e o avast ele está instalado de graça no computador e só deleta se for a versão paga. vou mandar a configuração do meu PC, para vocês entenderem melhor e também o arquivo que não estou conseguindo excluir em anexo. deis de já agradeço.
    • Lamentável ... Era seguro e agora com certeza vai ser um "raptor" de dados pessoais como os outros softwares chineses , e nem faço idéia para onde vão para senhas e outras coisas de quem continuar usando esses "negócios da China". Estive pesquisando e apesar de quebrar alguns links o Epic seria uma boa alternativa para navegar em redes abertas , será que ele tem extensão VPN ou aquela de proxy já é parecida ? Obrigado pela atenção , um abraço .  
    • Digite winver no executar e poste a versão do 10 instalada por favor... Aconteceu de repente ou desde que instalou/atualizou para o 10 ? Atualizou drivers de video recentemente? Placa Nvidia  ?
    • Começou quando estava assistindo um vídeo num site. Depois, ao ligar, desligava toda vez que tentava abrir algum programa, principalmente ao conectar. Então liguei novamente e deixei um tempinho parado. Assim conseguir ficar conectada.  Porém, toda vez que abre qualquer vídeo, volta o mesmo problema: desliga de repente (dando um instalo, apaga). Será que é vírus? Será que é algum problema do aparelho? Aconteceu uma vez ou duas (uma bem ressente), esgotar a bateria até desligar...  Preciso muito resolver este problema! Abraço. Obrigada. Vera    
    • Pessoal obrigado pela ajuda !   Agora gostaria de saber como faço para configurar meu modem da NET para Bridge, o modelo dele é: SURFboard SBV5121i Nunca configurei esse modem. Abs
    • "Mesma série de placas, a 260 é quem usa um clock maior, ao contrário do que citou acima. No mais, são praticamente a mesma placa. " Obrigado pela correção. Dessa forma, o que você sugere: deixar o driver M265 de 2014 da Dell ou o mais recente da AMD M260? Realmente penso em comprar uma base refrigerada. Indica alguma de qualidade não tão cara? Obrigado Ciro.
    • Olá! Varri a internet e não encontro nada sobre o erro que estou tendo, ao ponto de achar que o mesmo é normal e faz parte o Win10 e sou maluco. Em todos os aplicativos que abro, na barra de titulos, aparece sobreposto ao texto do titulo uma linha, tanto na janela ativa quanto nas janelas inativas. Segue em anexo um exemplo de uma janela ativa (em amarelo). Não encontro nada de informações na internet sobre algo parecido. Se puderem me ajudar , agradeço muito! Ressalto que parece uma coisa boba, mas em minha rotinas abro varios arquivos ao mesmo erro de mesmo programa e preciso ficar forçando a vista a ler os titulos dos programas..    
O site BABOO está no ar para informar e ajudar o internauta de Windows. Este site foi publicado em 1999 por Aurélio "Baboo", engenheiro e um dos maiores especialistas brasileiros em Windows, que trabalha profissionalmente com esse sistema operacional desde 1987. Desde 2004 ele é premiado anualmente pela Microsoft como MVP (Most Valuable Professional) pela sua contribuição e ajuda à comunidade de usuários de Windows.

Em 2001 foi criado o
Fórum do BABOO para ajudar o internauta brasileiro a solucionar problemas e dúvidas sobre Windows, Segurança, Office, Hardware e outros temas. Desde 2010 a Microsoft também tem premiado o Mr.Million, administrador da área de Segurança do Fórum do BABOO, pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Atualmente ele é o único MVP brasileiro de Segurança em desktop.

O BABOO é o único site brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows e que participa diariamente e ativamente nos comentários e discussões do site e fórum BABOO.