Ir para conteúdo

karoline ferreira

Members
  • Total de itens

    97
  • Registro em

  • Última visita

Reputação

0 Comum

2 Seguidores

Sobre karoline ferreira

  • Classificação
    karoline ferreira
  • Data de Nascimento 11/15/1982

Informações Pessoais

  • Sexo
    Feminino
  • Localização
    Maranhão/São Luis

Últimos Visitantes

2283828 visualizações
  1. karoline  ferreira

    Notebook Travando, vírus?

    Boa tarde, alguém me ajude por favor! meu notebook anda travando do nada. Só começar usar ele que começa demorar carregar as coisas e travar.
  2. karoline  ferreira

    VIRUS E PROGRAMAS INDESEJADOS

    BOM DIA! MEU NOTEBOOK ANDA TRAVANDO DO NADA QUERIA QUE VOCES ME AJUDA-SE E TAMBEM ACHO QUE ELE TEM PROGRAMAS INDESEJADOS, QUE NEM SEI PARA QUE SERVE. ATT: KAROLINE
  3. karoline  ferreira

    [Resolvido] Notebook Travando!

    Boa noite! Obrigada pela ajuda, notebook está bem melhor e estou já usando o argenteutilities está sendo bem útil. Abraços
  4. karoline  ferreira

    [Resolvido] Notebook Travando!

    Boa tarde! segue os relatórios; Fixlog e ZHPCleaner RELATÓRIO FIXLOG Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 19-11-2017 Executado por ad (20-11-2017 11:28:41) Run:1 Executando a partir de C:\Users\ad\Desktop Perfis Carregados: ad (Perfis Disponíveis: ad) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start emptytemp: reboot: end ***************** =========== EmptyTemp: ========== BITS transfer queue => 7888896 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33029312 B Java, Flash, Steam htmlcache => 515 B Windows/system/drivers => 15016 B Edge => 0 B Chrome => 31573472 B Firefox => 19814699 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 90125408 B ad => 5709279 B RecycleBin => 0 B EmptyTemp: => 179.4 MB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 11:29:00 ==== RELATÓRIO ZHPCleaner ! ~ ZHPCleaner v2017.11.19.201 by Nicolas Coolman (2017/11/19) ~ Run by ad (Administrator) (20/11/2017 12:16:55) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Reparo ~ Report : C:\Users\ad\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\ad\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 15063) ---\\ Serviços (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Navegadores de Internet (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Arquivo hosts (1) ~ O arquivo hosts é legítimo (21) ---\\ Tarefas automáticas agendadas. (0) ~ Nenhum ítem malicioso o desnecessários foi encontrado. ---\\ Explorer ( Arquivos, Pastas) (3) MOVIDO pasta: C:\Windows\Prefetch\KMS-R@1NHOOK.EXE-95CFB3BC.pf =>HackTool.AutoKMS MOVIDO pasta: C:\Windows\KMS-R@1n.exe =>HackTool.WinActivator MOVIDO arquivo*: C:\Users\ad\AppData\Local\Google\Update =>Heuristic.Suspect ---\\ Registro ( Chaves, Valores, Dados ) (2) SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\SpeedUpMyPC [] =>.SUP.SpeedUpMyPC SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask ---\\ Resumo dos elementos encontrados na sua estação de trabalho (5) https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect https://www.anti-malware.top/2016/08/15/speedupmypc/ =>.SUP.SpeedUpMyPC https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask ---\\ Dodatkowe oczyszczenie. (16) ~ Chave de registro Tracing Supprimido (16) ~ Remover os relatórios antigos ZHPCleaner. (0) ---\\ Resultado de reparação Reparação efectuada com sucesso ~ Este navegador está faltando ! (Opera Software) ---\\ Estatísticas ~ Items scan : 974 ~ Items encontrado : 0 ~ items cancelados : 0 ~ Items réparo : 5 ~ End of clean in 00h01mn10s ~==================== ZHPCleaner-[R]-20112017-12_18_05.txt ZHPCleaner--20112017-12_13_51.txt
  5. karoline  ferreira

    [Resolvido] Notebook Travando!

    Boa noite! Segue os relatórios (FRST.txt + Addition.txt) http://www.cjoint.com/c/GKtv1t1bYMj http://www.cjoint.com/c/GKtv25w1CSj
  6. Boa Noite! Meu notebook está mundo lento para carregar na hora que eu ligo e depois que fico usando, fica travando sem parar. Por favor, me ajudem! Abraço.
  7. karoline  ferreira

    [Arquivado] Vírus bloqueando internet!

    Bom dia !! Segue o relatório (Fixlog.txt) Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:18-04-2016 Executado por User (2016-04-25 08:12:57) Run:1 Executando a partir de C:\Users\User\Desktop Perfis Carregados: User (Perfis Disponíveis: User) Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** start CloseProcesses: HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 2015-06-28 17:11 - 2015-06-28 17:11 - 6420480 _____ () C:\Program Files (x86)\GUT7E94.tmp 2014-12-24 14:43 - 2014-12-24 14:43 - 0000227 _____ () C:\ProgramData\bc.ini AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10] AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32] AlternateDataStreams: C:\Windows\System32:BADDCBCC_Bb.gbp [2] AlternateDataStreams: C:\Windows\System32:BADDCBCC_Cef.gbp [2] AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1762] AlternateDataStreams: C:\Windows\system32\Drivers\gbpddreg64.sys:X5ZN8aGvT4 [686] AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1434] CMD: netsh winsock reset catalog CMD: netsh advfirewall set allprofiles state on CMD: netsh interface ip delete arpcache CMD: netsh advfirewall reset CMD: bitsadmin /reset /allusers CMD: netsh int ip reset all CMD: nbtstat -RR CMD: nbtstat -R CMD: ipconfig /release CMD: ipconfig /renew CMD: ipconfig /flushdns CMD: netsh int ipv4 reset CMD: netsh int ipv6 reset CreateRestorePoint: RemoveProxy: EmptyTemp: Reboot: Hosts: end ***************** Processos fechados com sucesso. "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => chave removido (a) com sucesso. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso. C:\Program Files (x86)\GUT7E94.tmp => movido com sucesso C:\ProgramData\bc.ini => movido com sucesso C:\Program Files (x86)\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso.. C:\Program Files (x86)\GbPlugin => ":u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==" ADS removido (a) com sucesso.. C:\Windows\System32 => ":BADDCBCC_Bb.gbp" ADS removido (a) com sucesso.. C:\Windows\System32 => ":BADDCBCC_Cef.gbp" ADS removido (a) com sucesso.. C:\Windows\system32\Drivers\gbpddfac64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso.. C:\Windows\system32\Drivers\gbpddreg64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso.. C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso.. ========= netsh winsock reset catalog ========= Cat�logo Winsock redefinido com �xito. Reinicie o computador para concluir a redefini��o. ========= Fim de CMD: ========= ========= netsh advfirewall set allprofiles state on ========= Ok. ========= Fim de CMD: ========= ========= netsh interface ip delete arpcache ========= Ok. ========= Fim de CMD: ========= ========= netsh advfirewall reset ========= Ok. ========= Fim de CMD: ========= ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7600 ] BITS administration utility. © Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= Fim de CMD: ========= ========= netsh int ip reset all ========= Redefinindo Global, OK! Redefinindo Interface, OK! Reinicie o computador para concluir esta a��o. ========= Fim de CMD: ========= ========= nbtstat -RR ========= Os nomes NetBIOS registrados por este computador foram atualizados. ========= Fim de CMD: ========= ========= nbtstat -R ========= Limpeza e pr�-carregamento da Tabela de nomes de caches remotas NBT com �xito. ========= Fim de CMD: ========= ========= ipconfig /release ========= Configura��o de IP do Windows Nenhuma opera��o pode ser executada em Conex�o de Rede Bluetooth enquanto a m�dia estiver desconectada. Adaptador Ethernet Conex�o de Rede Bluetooth: Estado da m�dia. . . . . . . . . . . . . . : m�dia desconectada Sufixo DNS espec�fico de conex�o. . . . . . : Adaptador de Rede sem Fio Conex�o de Rede sem Fio: Sufixo DNS espec�fico de conex�o. . . . . . : Endere�o IPv6 de link local . . . . . . . . : fe80::e03a:36ff:2706:e488%12 Gateway Padr�o. . . . . . . . . . . . . . . : Adaptador de t�nel isatap.{5AF99FEA-1043-41E3-B075-1A7B99E2F419}: Estado da m�dia. . . . . . . . . . . . . . : m�dia desconectada Sufixo DNS espec�fico de conex�o. . . . . . : Adaptador de t�nel isatap.{AA190DD8-92DF-4425-9511-9D3DC0529B09}: Estado da m�dia. . . . . . . . . . . . . . : m�dia desconectada Sufixo DNS espec�fico de conex�o. . . . . . : ========= Fim de CMD: ========= ========= ipconfig /renew ========= Configura��o de IP do Windows Nenhuma opera��o pode ser executada em Conex�o de Rede Bluetooth enquanto a m�dia estiver desconectada. Adaptador Ethernet Conex�o de Rede Bluetooth: Estado da m�dia. . . . . . . . . . . . . . : m�dia desconectada Sufixo DNS espec�fico de conex�o. . . . . . : Adaptador de Rede sem Fio Conex�o de Rede sem Fio: Sufixo DNS espec�fico de conex�o. . . . . . : Endere�o IPv6 de link local . . . . . . . . : fe80::e03a:36ff:2706:e488%12 Endere�o IPv4. . . . . . . . . . . . . . . : 192.168.100.3 M�scara de Sub-rede . . . . . . . . . . . . : 255.255.255.0 Gateway Padr�o. . . . . . . . . . . . . . . : 192.168.100.1 Adaptador de t�nel isatap.{5AF99FEA-1043-41E3-B075-1A7B99E2F419}: Estado da m�dia. . . . . . . . . . . . . . : m�dia desconectada Sufixo DNS espec�fico de conex�o. . . . . . : Adaptador de t�nel isatap.{AA190DD8-92DF-4425-9511-9D3DC0529B09}: Estado da m�dia. . . . . . . . . . . . . . : m�dia desconectada Sufixo DNS espec�fico de conex�o. . . . . . : ========= Fim de CMD: ========= ========= ipconfig /flushdns ========= Configura��o de IP do Windows Libera��o do Cache do DNS Resolver bem-sucedida. ========= Fim de CMD: ========= ========= netsh int ipv4 reset ========= Redefinindo Interface, OK! Reinicie o computador para concluir esta a��o. ========= Fim de CMD: ========= ========= netsh int ipv6 reset ========= N�o h� configura��es de usu�rio especificadas a serem redefinidas. ========= Fim de CMD: ========= Ponto de Restauração criado com sucesso. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. HKU\S-1-5-21-3801029790-2799878285-4124920567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso. HKU\S-1-5-21-3801029790-2799878285-4124920567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso. ========= Fim de RemoveProxy: ========= C:\Windows\System32\Drivers\etc\hosts => movido com sucesso Hosts restaurado com sucesso. EmptyTemp: => 215.9 MB de dados temporários Removidos. O sistema precisou ser reiniciado. ==== Fim de Fixlog 08:14:41 ==== Abraços ! :)
  8. karoline  ferreira

    [Arquivado] Vírus bloqueando internet!

    Boa noite !! Segue abaixo os links dos relatórios! (FRST.txt + Addition.txt) http://www.cjoint.com/c/FDvwkrWtJ2u http://www.cjoint.com/c/FDvwgM0CRIu Abraços :D
  9. Bom dia!!! Olá estou com problemas com meu notebook, inicio ele normal e começo acessar internet e do nada a internet não funciona mais, para eu consegui acessar de novo a internet, tenho que desligar o notebook e ligar novamente ai funciona de novo alguns minutos ou horas e depois para de novo :/ !! Por favor me ajude mais uma vez, obrigada! fiz esse log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 08:35:13, on 20/04/2016 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16575) Boot mode: Normal Running processes: C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\PROGRA~2\GbPlugin\GbpSv.exe C:\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: aapj.bb.com.br O15 - Trusted Zone: seg.bb.com.br O15 - Trusted Zone: www.bb.com.br O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: imagem.caixa.gov.br O15 - Trusted Zone: internetbanking.caixa.gov.br O15 - Trusted Zone: internetbankingpf.caixa.gov.br O15 - Trusted Zone: www.caixa.gov.br O15 - Trusted Zone: http://www.caixa.gov.br O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8585 bytes
  10. Boa noite! Por favor alguém me ajude de novo com urgência, meu notebook está travando tudo, qualquer coisa que vou abri ele trava, tenho que desligar ele no manual :/...Tentei passar o HiJackthis não consegui, o programa trava tudo :/.
  11. karoline  ferreira

    [Resolvido] Virus Computador Lento!

    Boa Noite CaeduRodrigues! Esta bem melhor sim, muito obrigada pela ajuda! Segue abaixo o relatório: # DelFix v10.9 - Relatório criado 14/04/2015 às 19:51:43 # Atualizado 27/02/2015 por Xplode # Usuário : User - USER-PC # Sistema Operacional : Windows 7 Ultimate (64 bits) ~ Removendo ferramentas de desinfecção ... Removido : C:\FRST Removido : C:\zoek_backup Removido : C:\AdwCleaner Removido : C:\Program Files (x86)\ZHPDiag Removido : C:\Program Files (x86)\Trend Micro\Hijackthis Removido : C:\PhysicalDisk0_MBR.bin Removido : C:\zoek-results.log Removido : C:\Users\User\Desktop\Addition.txt Removido : C:\Users\User\Desktop\adwcleaner_4.200 - Atalho.lnk Removido : C:\Users\User\Desktop\esetsmartinstaller_enu.exe Removido : C:\Users\User\Desktop\Fixlog.txt Removido : C:\Users\User\Desktop\FRST.txt Removido : C:\Users\User\Desktop\FRST64.exe Removido : C:\Users\User\Desktop\JRT - Atalho.lnk Removido : C:\Users\User\Desktop\JRT.txt Removido : C:\Users\User\Desktop\HiJackThis.lnk Removido : C:\Users\User\Desktop\hijackthis.log Removido : C:\Users\User\Desktop\SecurityCheck.exe Removido : C:\Users\User\Desktop\ZHPCleaner.exe Removido : C:\Users\User\Desktop\ZHPCleaner.lnk Removido : C:\Users\User\Desktop\ZHPCleaner.txt Removido : C:\Users\User\Desktop\ZHPDiag.txt Removido : C:\Users\User\Desktop\ZHPFixReport.txt Removido : C:\Users\User\Desktop\zoek.exe Removido : C:\Users\User\Downloads\adwcleaner_4.200.exe Removido : C:\Users\User\Downloads\JRT.exe Removido : C:\Users\User\Downloads\HijackThis.msi Removido : HKLM\SOFTWARE\AdwCleaner Removido : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 ~ Criando backup do registro ... OK ~ Limpando pontos da restauração do sistema ... Novo ponto de restauração criado ! ~ Redefinindo configurações do sistema ... OK ########## - EOF - ########## Abraços :joia:
  12. karoline  ferreira

    [Resolvido] Virus Computador Lento!

    Boa Noite CaeduRodrigues! Segue abaixo o log ESET: C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir a variant of Win32/ELEX.BH potentially unwanted application deleted - quarantined C:\FRST\Quarantine\C\zoek_backup\C_Users_User_AppData_Roaming_HUQXD.exe.vir a variant of Win32/Toolbar.CrossRider.AX potentially unwanted application deleted - quarantined C:\FRST\Quarantine\C\zoek_backup\C_Users_User_AppData_Roaming_QNPUPZN.exe.vir a variant of Win32/Toolbar.CrossRider.AX potentially unwanted application deleted - quarantined C:\Users\User\AppData\Roaming\ZHP\Quarantine\autokms.exe.VIR a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantined C:\Users\User\Desktop\PACOTE\driver_booster_setup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined C:\Users\User\Desktop\PACOTE\FoxitReader502.0718_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined C:\Users\User\Desktop\PACOTE\Nero\Nero-8.1.1.4_ptb_trial.exe Win32/Toolbar.AskSBar potentially unwanted application deleted - quarantined C:\Users\User\Desktop\PACOTE\Office 2010\Ativador Office 2010\Ativador.exe a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantined C:\Windows\AutoKMS.exe a variant of MSIL/HackKMS.A potentially unsafe application deleted - quarantined C:\zoek_backup\C_Users_User_AppData_Roaming_HVWVGL.vir JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined C:\zoek_backup\C_Users_User_AppData_Roaming_TP.vir JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined C:\zoek_backup\C_Users_User_AppData_Roaming_YQKQQN.vir JS/Toolbar.Crossrider.C potentially unwanted application deleted - quarantined C:\zoek_backup\C_PROGRA~3_{1dc232a5-b87f-c238-1dc2-232a5b87ca96}\therebels.neckel72.rar.exe a variant of Win32/Adware.MultiPlug.GD application cleaned by deleting - quarantined C:\zoek_backup\C_PROGRA~3_{9fccf94e-f34e-fb5d-9fcc-cf94ef34e53b}\8A0.exe a variant of Win32/Adware.MultiPlug.GD application cleaned by deleting - quarantined Abraços :joia:
  13. karoline  ferreira

    [Resolvido] Virus Computador Lento!

    Boa Noite CaeduRodrigues!! Hoje aconteceu uma coisa que nunca tinha acontecido no PC, ele travou totalmente e ficou uma tela branca transparente como tivesse carregando, mas naõ destravou de jeito nenhum, desliguei o pc de maneira errada. Segue embaixo o Log Checkup: Results of screen317's Security Check version 0.99.99 Windows 7 x64 (UAC is enabled) Out of date service pack!! Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 16.0.0.305 Flash Player out of Date! Mozilla Firefox (37.0.1) Google Chrome (41.0.2272.118) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: = ````````````````````End of Log`````````````````````` Abraços :flores:
  14. karoline  ferreira

    [Resolvido] Virus Computador Lento!

    Boa Noite CaeduRodrigues! Depois que instalei de novo o chrome não fui mais direcionada para outras paginas maliciosas, o mozila está funiconando bem sem travar, os navegadores estão funcionando bem melhor. Segue abaixo o Fixlog : Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by User at 2015-04-05 20:41:06 Run:2 Running from C:\Users\User\Desktop Loaded Profiles: User (Available profiles: User) Boot Mode: Normal ============================================== Content of fixlist: ***************** start CreateRestorePoint: CloseProcesses: HKLM-x32\...\Run: [gmsd_br_90] => [X] HKU\S-1-5-21-3801029790-2799878285-4124920567-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...q={searchTerms} FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-03-21] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-03-21] S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X] S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\5.0.0.0\PCFApiUtil64.sys [X] C:\Users\User\AppData\Local\Temp\InstallIMVU_518.0.exe C:\Users\User\AppData\Local\Temp\SkypeSetup.exe Task: {074A3D2C-68C1-40DF-ADD6-180FF33519FA} - \YQKQQN No Task File <==== ATTENTION Task: {A435A8F4-4F42-4AB0-9AB4-BE750EDCC109} - \TP No Task File <==== ATTENTION Task: {B26FFDF1-6A79-420A-9745-DD452CC7C830} - \HVWVGL No Task File <==== ATTENTION Task: {B7EA9B4B-593F-4BC0-B0F2-C63CC2AC8D2C} - System32\Tasks\{619DEAE9-95EA-438B-BBB2-537B5B4EED3B} => pcalua.exe -a C:\Users\User\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs <==== ATTENTION CMD: bitsadmin /reset /allusers CMD: ipconfig /flushdns EmptyTemp: end ***************** Restore point was successfully created. Processes closed successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_br_90 => value deleted successfully. HKU\S-1-5-21-3801029790-2799878285-4124920567-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKU\S-1-5-21-3801029790-2799878285-4124920567-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully. "HKU\S-1-5-21-3801029790-2799878285-4124920567-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Web" => Key deleted successfully. HKCR\CLSID\Web => Key not found. "HKU\S-1-5-21-3801029790-2799878285-4124920567-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully. HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found. C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml => Moved successfully. C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml => Moved successfully. BprotectEx => Service deleted successfully. PCFApiUtil => Service deleted successfully. C:\Users\User\AppData\Local\Temp\InstallIMVU_518.0.exe => Moved successfully. C:\Users\User\AppData\Local\Temp\SkypeSetup.exe => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{074A3D2C-68C1-40DF-ADD6-180FF33519FA}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{074A3D2C-68C1-40DF-ADD6-180FF33519FA}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YQKQQN" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A435A8F4-4F42-4AB0-9AB4-BE750EDCC109}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A435A8F4-4F42-4AB0-9AB4-BE750EDCC109}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TP" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B26FFDF1-6A79-420A-9745-DD452CC7C830}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B26FFDF1-6A79-420A-9745-DD452CC7C830}" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HVWVGL" => Key Deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7EA9B4B-593F-4BC0-B0F2-C63CC2AC8D2C}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7EA9B4B-593F-4BC0-B0F2-C63CC2AC8D2C}" => Key deleted successfully. C:\Windows\System32\Tasks\{619DEAE9-95EA-438B-BBB2-537B5B4EED3B} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{619DEAE9-95EA-438B-BBB2-537B5B4EED3B}" => Key deleted successfully. ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.5.7600 ] BITS administration utility. © Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. Unable to cancel {A7C82243-8906-435D-9086-5ACFEC3CDF02}. 0 out of 1 jobs canceled. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Configura��o de IP do Windows Libera��o do Cache do DNS Resolver bem-sucedida. ========= End of CMD: ========= EmptyTemp: => Removed 20.2 MB temporary data. The system needed a reboot. ==== End of Fixlog 20:42:38 ==== Abraços :bye:
  15. karoline  ferreira

    [Resolvido] Virus Computador Lento!

    Boa tarde CaeduRodrigues! Segue o links a abaixo : FRST: http://www.cjoint.com/15av/EDftVjAphXc.htm Addition: http://www.cjoint.com/15av/EDftYYaRTBv.htm Abraços :thumbsup:
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.