Lauro Neto

Log Analysis Request

Hello, I have been having a lot of problems with my VAIO. It is about 5 years old already.

Anyway, it is very slow and I believe this is because of adware or something similar.

Here is the HijackThis log:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:10:21, on 13/09/2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Users\Windows\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sony.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\Windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\SysWOW64\OpcEnum.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7489 bytes
 

 

Thanks in advance.

 


Friend, download MbrScan.exe by Eric_71 > save it to the desktop.

Double-click to run the tool. Click the Scan button. When the scan finishes, click the Report button. A Notepad window will open with the scan result. It is saved on the desktop under the name MbrScan.log.

Select, copy and paste its contents in your next reply.

Download Farbar Service Scanner and save it to the desktop. Run the tool.

In addition to the checkboxes that are already ticked by default, tick the following:

  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender


Click Scan and wait for the scan to finish. At the end, a log called FSS.txt will be generated, which is saved in the same directory as FSS, that is, on the desktop.

Select, copy and paste its contents in your next reply.

 


 

 

On 13/09/2017 at 2:17 AM, XERLOUCO ROUMS said:

a log called FSS.txt will be generated, which is saved in the same directory as FSS, that is, on the desktop.

Hey, thanks for your attention, friend. Here are the logs:

 

MBR

 

	MBRScan v1.1.1




	OS             : Windows 7 Service Pack 1 (64 bit)
	PROCESSOR      : Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
	BOOT           : Normal Boot
	DATE           : 2017/09/14 (ISO 8601) at 21:41:27
	________________________________________________________________________________




	DISK           : Device\Harddisk0\DR0 __Hitachi HTS547564A9E (JEDO)
	BUS_TYPE       : (0x03)  P-ATA
	USE_PIO        : NO
	MAX_TRANSFER   : 128 Kb
	ALIGNMENT_MASK : word aligned
	________________________________________________________________________________




	DISK           : Device\Harddisk1\DR1 __My Passport 259F (1014)
	BUS_TYPE       : (0x07)  USB
	USE_PIO        : NO
	MAX_TRANSFER   : 64 Kb
	ALIGNMENT_MASK : byte aligned
	________________________________________________________________________________




	Device\Harddisk0\DR0    596.2 Go  [Fixed] ==> 7 MBR Code .




	MBR_MD5   : 501EA17FD07B89BF658434078D788566
	MBR_SHA1  : 8B88E13E73094053681B98950CEA396A19790F33




	Device\Harddisk0\Partition1    10.88 Go      0x27 RE Hidden partition 
	Device\Harddisk0\Partition2    100.0 Mo      0x07 NTFS / HPFS __ BOOTABLE __
	Device\Harddisk0\Partition3    585.2 Go      0x07 NTFS / HPFS
	________________________________________________________________________________




	Device\Harddisk1\DR1    931.5 Go  [Fixed] ==> Unknown MBR Code ....




	MBR_MD5   : B749CA3279980E04AF4ACFC8F6E210F5
	MBR_SHA1  : DC904FAA709EFDBA05F1C1E9A46A68DF817B0C5F




	Device\Harddisk1\Partition1    2.00 To      0xEE EFI GPT[1] 
	________________________________________________________________________________




	############################### Additional scan ################################




	DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
	ADDRESS : 0x02E1A000
	SIZE    : 292.0 Ko




	DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
	ADDRESS : 0x00BBF000
	SIZE    : 40.0 Ko




	DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
	ADDRESS : 0x00CDB000
	SIZE    : 316.0 Ko




	DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
	ADDRESS : 0x00D3E000
	SIZE    : 380.0 Ko




	DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
	ADDRESS : 0x00C00000
	SIZE    : 468.0 Ko




	DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
	ADDRESS : 0x00E5E000
	SIZE    : 776.0 Ko




	DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
	ADDRESS : 0x00F20000
	SIZE    : 64.0 Ko




	DRIVER  : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
	ADDRESS : 0x00F30000
	SIZE    : 348.0 Ko




	DRIVER  : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
	ADDRESS : 0x00F87000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
	ADDRESS : 0x00F90000
	SIZE    : 40.0 Ko




	DRIVER  : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
	ADDRESS : 0x00F9A000
	SIZE    : 204.0 Ko




	DRIVER  : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
	ADDRESS : 0x00FCD000
	SIZE    : 52.0 Ko




	DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
	ADDRESS : 0x00FDA000
	SIZE    : 84.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\compbatt.sys => Invisible on the disk
	ADDRESS : 0x00FEF000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\BATTC.SYS => Invisible on the disk
	ADDRESS : 0x00E00000
	SIZE    : 48.0 Ko




	DRIVER  : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
	ADDRESS : 0x00E0C000
	SIZE    : 84.0 Ko




	DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
	ADDRESS : 0x00C75000
	SIZE    : 368.0 Ko




	DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
	ADDRESS : 0x00E21000
	SIZE    : 104.0 Ko




	DRIVER  : C:\Windows\system32\drivers\iaStor.sys => Invisible on the disk
	ADDRESS : 0x01070000
	SIZE    : 1.33 Mo




	DRIVER  : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
	ADDRESS : 0x011C4000
	SIZE    : 44.0 Ko




	DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
	ADDRESS : 0x01000000
	SIZE    : 304.0 Ko




	DRIVER  : C:\Windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS => Invisible on the disk
	ADDRESS : 0x0122D000
	SIZE    : 452.0 Ko




	DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
	ADDRESS : 0x0129E000
	SIZE    : 80.0 Ko




	DRIVER  : C:\Windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS => Invisible on the disk
	ADDRESS : 0x012B2000
	SIZE    : 1.09 Mo




	DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
	ADDRESS : 0x01448000
	SIZE    : 1.66 Mo




	DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
	ADDRESS : 0x00D9D000
	SIZE    : 376.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
	ADDRESS : 0x01400000
	SIZE    : 108.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
	ADDRESS : 0x01663000
	SIZE    : 468.0 Ko




	DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
	ADDRESS : 0x016D8000
	SIZE    : 68.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
	ADDRESS : 0x016E9000
	SIZE    : 40.0 Ko




	DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
	ADDRESS : 0x016F3000
	SIZE    : 972.0 Ko




	DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
	ADDRESS : 0x01600000
	SIZE    : 388.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
	ADDRESS : 0x0141B000
	SIZE    : 172.0 Ko




	DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
	ADDRESS : 0x01801000
	SIZE    : 1.98 Mo




	DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
	ADDRESS : 0x01A01000
	SIZE    : 292.0 Ko




	DRIVER  : C:\Windows\system32\drivers\wd.sys => Invisible on the disk
	ADDRESS : 0x01A4A000
	SIZE    : 32.0 Ko




	DRIVER  : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
	ADDRESS : 0x01A52000
	SIZE    : 304.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
	ADDRESS : 0x01A9E000
	SIZE    : 32.0 Ko




	DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
	ADDRESS : 0x01AA6000
	SIZE    : 232.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
	ADDRESS : 0x01AE0000
	SIZE    : 72.0 Ko




	DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
	ADDRESS : 0x01AF2000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
	ADDRESS : 0x01AFB000
	SIZE    : 232.0 Ko




	DRIVER  : C:\Windows\system32\drivers\disk.sys => Invisible on the disk
	ADDRESS : 0x01B35000
	SIZE    : 84.0 Ko




	DRIVER  : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
	ADDRESS : 0x01B4A000
	SIZE    : 192.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\CmBatt.sys => Invisible on the disk
	ADDRESS : 0x02F81000
	SIZE    : 20.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
	ADDRESS : 0x02F86000
	SIZE    : 168.0 Ko




	DRIVER  : C:\Windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys => Invisible on the disk
	ADDRESS : 0x02FB0000
	SIZE    : 184.0 Ko




	DRIVER  : C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS => Invisible on the disk
	ADDRESS : 0x01B88000
	SIZE    : 196.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
	ADDRESS : 0x02FDE000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
	ADDRESS : 0x02FE7000
	SIZE    : 28.0 Ko




	DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
	ADDRESS : 0x02FEE000
	SIZE    : 56.0 Ko




	DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
	ADDRESS : 0x01BB9000
	SIZE    : 148.0 Ko




	DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
	ADDRESS : 0x02E00000
	SIZE    : 64.0 Ko




	DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
	ADDRESS : 0x02E10000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
	ADDRESS : 0x01BDE000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
	ADDRESS : 0x01BE7000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
	ADDRESS : 0x01BF0000
	SIZE    : 44.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
	ADDRESS : 0x017E6000
	SIZE    : 68.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
	ADDRESS : 0x013CA000
	SIZE    : 136.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
	ADDRESS : 0x015F1000
	SIZE    : 52.0 Ko




	DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
	ADDRESS : 0x03C9A000
	SIZE    : 548.0 Ko




	DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
	ADDRESS : 0x03D23000
	SIZE    : 276.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
	ADDRESS : 0x03D68000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
	ADDRESS : 0x03D71000
	SIZE    : 152.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
	ADDRESS : 0x03D97000
	SIZE    : 88.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
	ADDRESS : 0x03DAD000
	SIZE    : 60.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
	ADDRESS : 0x03DBC000
	SIZE    : 108.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk
	ADDRESS : 0x03DD7000
	SIZE    : 80.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS => Invisible on the disk
	ADDRESS : 0x03C00000
	SIZE    : 432.0 Ko




	DRIVER  : C:\Windows\system32\Drivers\SYMEVENT64x86.SYS => Invisible on the disk
	ADDRESS : 0x042D6000
	SIZE    : 224.0 Ko




	DRIVER  : C:\Windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS => Invisible on the disk
	ADDRESS : 0x0430E000
	SIZE    : 84.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
	ADDRESS : 0x04323000
	SIZE    : 324.0 Ko




	DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
	ADDRESS : 0x04374000
	SIZE    : 48.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
	ADDRESS : 0x04380000
	SIZE    : 44.0 Ko




	DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
	ADDRESS : 0x04588000
	SIZE    : 60.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
	ADDRESS : 0x04597000
	SIZE    : 124.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
	ADDRESS : 0x045B6000
	SIZE    : 68.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
	ADDRESS : 0x04600000
	SIZE    : 152.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
	ADDRESS : 0x04A27000
	SIZE    : 11.71 Mo




	DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
	ADDRESS : 0x058C0000
	SIZE    : 980.0 Ko




	DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
	ADDRESS : 0x059B5000
	SIZE    : 280.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\HECIx64.sys => Invisible on the disk
	ADDRESS : 0x05800000
	SIZE    : 68.0 Ko




	DRIVER  : C:\Windows\system32\drivers\usbehci.sys => Invisible on the disk
	ADDRESS : 0x05811000
	SIZE    : 72.0 Ko




	DRIVER  : C:\Windows\system32\drivers\USBPORT.SYS => Invisible on the disk
	ADDRESS : 0x05823000
	SIZE    : 348.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
	ADDRESS : 0x0587A000
	SIZE    : 144.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\NETwNs64.sys => Invisible on the disk
	ADDRESS : 0x05A75000
	SIZE    : 8.42 Mo




	DRIVER  : C:\Windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
	ADDRESS : 0x062E1000
	SIZE    : 52.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\RtsPStor.sys => Invisible on the disk
	ADDRESS : 0x062EE000
	SIZE    : 344.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\Rt64win7.sys => Invisible on the disk
	ADDRESS : 0x06344000
	SIZE    : 424.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\SFEP.sys => Invisible on the disk
	ADDRESS : 0x063AE000
	SIZE    : 12.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk
	ADDRESS : 0x063B1000
	SIZE    : 120.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
	ADDRESS : 0x063CF000
	SIZE    : 60.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\Apfiltr.sys => Invisible on the disk
	ADDRESS : 0x05A00000
	SIZE    : 332.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
	ADDRESS : 0x05A53000
	SIZE    : 60.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
	ADDRESS : 0x063DE000
	SIZE    : 88.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk
	ADDRESS : 0x05A62000
	SIZE    : 64.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
	ADDRESS : 0x0589E000
	SIZE    : 88.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
	ADDRESS : 0x055DC000
	SIZE    : 144.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
	ADDRESS : 0x063F4000
	SIZE    : 48.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
	ADDRESS : 0x045C7000
	SIZE    : 188.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
	ADDRESS : 0x04A00000
	SIZE    : 108.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
	ADDRESS : 0x0438B000
	SIZE    : 132.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
	ADDRESS : 0x043AC000
	SIZE    : 104.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\swenum.sys => Invisible on the disk
	ADDRESS : 0x05A72000
	SIZE    : 8.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk
	ADDRESS : 0x04200000
	SIZE    : 268.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
	ADDRESS : 0x04243000
	SIZE    : 72.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\WDKMD.sys => Invisible on the disk
	ADDRESS : 0x04255000
	SIZE    : 64.0 Ko




	DRIVER  : C:\Windows\system32\drivers\usbhub.sys => Invisible on the disk
	ADDRESS : 0x04265000
	SIZE    : 360.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
	ADDRESS : 0x042BF000
	SIZE    : 84.0 Ko




	DRIVER  : C:\Windows\system32\drivers\CHDRT64.sys => Invisible on the disk
	ADDRESS : 0x0824B000
	SIZE    : 1.56 Mo




	DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
	ADDRESS : 0x08200000
	SIZE    : 244.0 Ko




	DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
	ADDRESS : 0x083DB000
	SIZE    : 136.0 Ko




	DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
	ADDRESS : 0x0823D000
	SIZE    : 24.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\IntcDAud.sys => Invisible on the disk
	ADDRESS : 0x084F5000
	SIZE    : 332.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
	ADDRESS : 0x08548000
	SIZE    : 56.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
	ADDRESS : 0x08556000
	SIZE    : 100.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
	ADDRESS : 0x0856F000
	SIZE    : 36.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
	ADDRESS : 0x08578000
	SIZE    : 8.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
	ADDRESS : 0x0857A000
	SIZE    : 52.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\cdfs.sys => Invisible on the disk
	ADDRESS : 0x08587000
	SIZE    : 116.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
	ADDRESS : 0x085A4000
	SIZE    : 56.0 Ko




	DRIVER  : C:\Windows\System32\Drivers\dump_iaStor.sys => Invisible on the disk
	ADDRESS : 0x02E19000
	SIZE    : 1.33 Mo




	DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
	ADDRESS : 0x085B2000
	SIZE    : 76.0 Ko




	DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
	ADDRESS : 0x00090000
	SIZE    : 3.15 Mo




	DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
	ADDRESS : 0x085C5000
	SIZE    : 48.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
	ADDRESS : 0x085D1000
	SIZE    : 56.0 Ko




	DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
	ADDRESS : 0x004B0000
	SIZE    : 40.0 Ko




	DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
	ADDRESS : 0x00620000
	SIZE    : 156.0 Ko




	DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
	ADDRESS : 0x08400000
	SIZE    : 140.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
	ADDRESS : 0x08423000
	SIZE    : 84.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
	ADDRESS : 0x08438000
	SIZE    : 332.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
	ADDRESS : 0x0848B000
	SIZE    : 76.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
	ADDRESS : 0x0849E000
	SIZE    : 96.0 Ko




	DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
	ADDRESS : 0x028FE000
	SIZE    : 804.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
	ADDRESS : 0x029C7000
	SIZE    : 116.0 Ko




	DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
	ADDRESS : 0x029E4000
	SIZE    : 96.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
	ADDRESS : 0x02800000
	SIZE    : 180.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
	ADDRESS : 0x0282D000
	SIZE    : 312.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
	ADDRESS : 0x0287B000
	SIZE    : 144.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk
	ADDRESS : 0x0289F000
	SIZE    : 40.0 Ko




	DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
	ADDRESS : 0x0489F000
	SIZE    : 680.0 Ko




	DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
	ADDRESS : 0x04949000
	SIZE    : 196.0 Ko




	DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
	ADDRESS : 0x0497A000
	SIZE    : 72.0 Ko




	DRIVER  : C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys => Invisible on the disk
	ADDRESS : 0x0498C000
	SIZE    : 96.0 Ko




	DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
	ADDRESS : 0x04800000
	SIZE    : 416.0 Ko




	DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
	ADDRESS : 0x064AC000
	SIZE    : 604.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
	ADDRESS : 0x065B4000
	SIZE    : 108.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
	ADDRESS : 0x065CF000
	SIZE    : 116.0 Ko




	DRIVER  : C:\Windows\system32\DRIVERS\kbdhid.sys => Invisible on the disk
	ADDRESS : 0x065EC000
	SIZE    : 56.0 Ko




	DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
	ADDRESS : 0x48240000
	SIZE    : 128.0 Ko




	BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)




	SystemStartOptions :  NOEXECUTE=OPTIN  NUMPROC=4




	________________________________________________________________________________




	_______MBR   \Device\Harddisk0\DR0  








	_______MBR   \Device\Harddisk1\DR1  




FSS

Farbar Service Scanner Version: 27-01-2016
Ran by Windows (administrator) on 14-09-2017 at 21:42:45
Running from "C:\Users\Windows\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 


OK, download Malwarebytes' Anti-Malware (MBAM) by clicking Free Download.

Double-click mbam-setup.exe to install the program.

  • When the installation finishes, click Finish. Wait for the program to open;
  • At the top right, click Update now. The browser will open; you can close it. If there are updates to be made, they will be downloaded and installed;
  • When the update finishes, in the left-hand panel, click Settings. On the Protection tab, enable Scan for rootkits;
  • Then, in the left-hand panel, click Scan. Next, click the Start Scan button;
  • The scan will then begin. Wait, as it may take a while. When it finishes, a window will open near the clock;
  • In it, click View Results. Leave all entries checked and click the Quarantine button;
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • The log is saved automatically by MBAM. To export it, click the Reports tab -> Application log in the program's main window after the disinfection has been carried out;
  • Double-click the most recent log and export it as .TXT;
  • Select, copy and paste the entire contents of this log into your next reply.


NOTE: If MBAM finds files that it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

 


 

 


Hi, here is the requested log.

Thanks

 

Malwarebytes
www.malwarebytes.com

-Detalhes de registro-
Data da análise: 17/09/17
Hora da análise: 14:53
Arquivo de registro: a6afb5b8-9bf2-11e7-ad2c-78843cee9342.json
Administrador: Sim

-Informação do software-
Versão: 3.2.2.2029
Versão de componentes: 1.0.188
Versão do pacote de definições: 1.0.2826
Licença: Versão de Avaliação

-Informação do sistema-
Sistema operacional: Windows 7 Service Pack 1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Windows-VAIO\Windows

-Resumo da análise-
Tipo de análise: Análise de Ameaças
Resultado: Concluído
Objetos verificados: 309220
Ameaças detectadas: 0
(Nenhum item malicioso detectado)
Ameaças em quarentena: 0
(Nenhum item malicioso detectado)
Tempo decorrido: 11 min, 10 seg

-Opções da análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Detectar
PUM: Detectar

-Detalhes da análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 0
(Nenhum item malicioso detectado)

Valor de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 0
(Nenhum item malicioso detectado)

Setor físico: 0
(Nenhum item malicioso detectado)


(end)


Temporarily disable your antivirus.

Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.

Double-click its icon on the desktop.

  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Check the options below:
    • Enable detection of potentially unwanted applications.
  • Click Hide advanced settings and check:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Change and also check the Computer box.
  • Click Start.
  • It will update on its own and scan the computer. Be patient; the process can take hours.
  • When the scan finishes, click List Threats.
  • Click Export to text file and save the log to your desktop.
  • Copy and paste the contents into your next reply.
  • Note: If nothing is found, no log will be generated.
  • Click Back.
  • Click Finish.

 


 

 
