
FreedomFSA

Members
  • Content count: 56
  • Joined

  • Last visited

Community Reputation

0 Common

About FreedomFSA

  • Birthday 01/19/1993

Personal Information

  • Gender
    Male
  • Location
    Formosa - Goias
  1. All good, DigRam! Thank you :D
  2. The Windows key is working again. I had also tested the keyboard on another computer. It was possibly some small bug that got fixed by that FRST script.
  3. DigRam, there was no "Scancode Map" in the Registry Editor, so I took no action. I have also already installed Ghostery. :D Thank you!
  4. DigRam, here is the resulting log. Two questions. My Windows key + [any key] isn't working, for example Windows + X. Could it be some Windows bug? Second, could you recommend an ad blocker or something similar to stop sites from running things on my PC? Like starting a download automatically or things like that.
  5. Everyone, I'm posting below the log generated by FRST. Recently I went to download an anime and the download site automatically started a download of a file - I don't remember the name - and I didn't get to run it either... But even so I thought it was relevant to come and post the log. frst.txt Addition.txt
  6. FreedomFSA

    Hardware problem - notebook video card

    Lord, That was the first thing I did, I just didn't write that in my report, but the installed driver is the correct one and is up to date. However, the usual practical solutions did not solve my problem. Regards.
  7. Hello, everyone. I would like to share a problem I'm having on my computer. The story is as follows. I formatted my PC, so far so good. I did the usual, installed the programs, drivers and everything else. However, something happened and my video card is not switching. How so? My notebook has 2 video cards: 1 NVIDIA GT 750M and 1 Intel(R) HD Graphics 4600. That is, one on-board and one off-board. Before formatting my PC, it worked normally. But now it no longer does =( My video card is also not listed in the Screen Resolution options. Actually, it is listed, but in a strange way, as shown in the screenshot (print01). Thank you for your attention.
  8. Well, I think we can wrap up here, DigRam. :D But first let me ask, the FRST is still here on my PC... Can I shift-del it? XD Thanks for everything. o/
  9. DigRam! I noticed that the aforementioned list includes some personal files. One of them is: C:\Users\Avell B155\Desktop\Backup-codes-cauan.amorim.txt This one contains backup codes for the Google authenticator. As for the rest, I cleaned them up manually and organized them. Otherwise, can I carry out the suggested procedure, excluding the line I mentioned above? Or do I redo the procedure before this one? Thank you!
  10. DigRam! Here are the logs: addtional.txt http://pjjoint.malekal.com/files.php?read=20141121_f15n11d9d11f8 frst.txt http://pjjoint.malekal.com/files.php?read=20141121_8q8o6s11y11
  11. DigRam! Here is the log
  12. DigRam! Here is the log generated by Zoek. Also, did you notice anything strange in the logs? Spyware, malware, anything? Thanks!
  13. DigRam, here is the log generated by AdwCleaner... Thanks!
  14. Hello! I would like the log generated by HijackThis to be analyzed. Lately I've had some problems with the machine, such as excessive slowness and some programs that freeze unexpectedly. However, today I found that no Google service opens on my computer... Which is strange. O.o Anyway, here is the log: Another point I wanted to highlight is that, when running HijackThis, the following error/alert was shown on screen: Thank you for your attention.