Nete Roas 0 Denunciar post Postado Julho 11, 2013 Olá, sou novata no site e não sei como proceder ou onde postar, espero que seja aqui. Estou com meu pc novo, super lento, travando e tudo mais. Percebi que no editor de registro tenho várias pastas de sites, de todos os gêneros, que nunca visitei e não sei se seria um dos motivos da lentidão. Já tentei passar o HijackThis, mas ele diz que não consegue acessar a pasta hosts, não sei por que, e não consigo alterar. Agradeço a quem puder auxiliar. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:25:25, on 11/07/2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\CalcTape\CalcTape.exe C:\OBBPLUS\aplicacao\infra\tomcat\bin\obbplusmgr.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\loja\modprint.exe C:\sigilo\modprint.exe C:\Program Files\7 Sticky Notes\7StickyNotes.exe C:\Windows\system32\ntvdm.exe C:\Windows\system32\conhost.exe C:\Windows\system32\ntvdm.exe C:\Windows\system32\conhost.exe C:\Windows\system32\ntvdm.exe C:\Windows\system32\conhost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\Explorer.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Nete\Downloads\HijackThis.exe C:\Program Files\Google\Chrome\Application\chrome.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Program Files\GbPlugin\gbiehabn.dll O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files\GbPlugin\gbiehuni.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\7.2\iobitappsToolbarIE.dll O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [CalcTape] "C:\Program Files\CalcTape\CalcTape.exe" O4 - Startup: modprint (2).lnk = C:\loja\modprint.exe O4 - Startup: modprint.lnk = C:\sigilo\modprint.exe O4 - Startup: StikyNot.lnk = C:\Windows\System32\StikyNot.exe O4 - Global Startup: Iniciar o Office Banking Bradesco Plus.lnk = C:\OBBPLUS\aplicacao\infra\tomcat\bin\obbplusmgr.exe O4 - Global Startup: Microsoft Office Outlook 2007.lnk = ? O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: http://www.bancoreal.com.br O15 - Trusted Zone: http://www.bancosantander.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: www.santander.com.br O15 - Trusted Zone: http://www.santander.com.br O15 - Trusted Zone: www.santanderempresarial.com.br O15 - Trusted Zone: http://www.santanderempresarial.com.br O15 - Trusted Zone: www.santandernet.com.br O15 - Trusted Zone: wwws.santandernet.com.br O15 - Trusted Zone: wwws2.santandernet.com.br O15 - Trusted Zone: www.santandernetibe.com.br O16 - DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} (ValidaUsuario Class) - https://cpne.bradesco.com.br/certifexp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CF4FF731-4A11-4282-826C-B926B0AA2D26}: NameServer = 200.175.5.139,8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{CF4FF731-4A11-4282-826C-B926B0AA2D26}: NameServer = 200.175.5.139,8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{CF4FF731-4A11-4282-826C-B926B0AA2D26}: NameServer = 200.175.5.139,8.8.8.8 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: GbPluginAbn - C:\Program Files\GbPlugin\gbiehAbn.dll O20 - Winlogon Notify: GbPluginUni - C:\Program Files\GbPlugin\gbiehUni.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MSI_SuperCharger - MSI - C:\Program Files\MSI\Super-Charger\ChargeService.exe O23 - Service: Office Banking Bradesco Plus (OBBPLUS) - Banco Bradesco S.A. - C:\OBBPLUS\aplicacao\infra\tomcat\bin\obbplus.exe O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files\Scpad\scpVista.exe O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- End of file - 9839 bytes Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Julho 11, 2013 Olá Nete Roas :seta: Baixe o http://download.bleepingcomputer.com/bats/hosts-perm.bat'>hosts-perm e salve-o no Desktop (Área de Trabalho)*Clique com o botão direito do mouse no hosts-perm e selecione [/b] Executar como administrador*Aguarde a mensagem The Permissions on the HOSTS file have been reset e tecle [ENTER] :seta: Baixe e execute este Fixit :seta: Baixe o Zoek (...de Smeenk) e salve-o no Desktop (Área de Trabalho)*Clique com o botão direito do mouse no Zoek e selecione Executar como administrador *Cole as linhas em marrom no espaçostartupall;autoclean;filesrcm; installedprogs;emptyalltemp; *Feche o seu navegador e clique [Run Script]*Durante o scan serão apresentadas as seguintes informações: Do not start any browser windows, they will be closed automatically.Please wait! This window will close when finished.A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log *Caso a reinicialização do PC seja solicitada, clique [OK] :seta: Acesse este link*Clique [selecionar arquivo...]*Localize o relatório C:\zoek-results.txt e clique [Abrir]*Selecione 4 jours*Clique [Créer le lien Cjoint]*Cole o link criado ao lado de Le lien a été créé: Compartilhar este post Link para o post Compartilhar em outros sites
wings 22 Denunciar post Postado Julho 22, 2013 Tópico Arquivado <br /> <br /> Como o autor não respondeu por mais de 10 dias, o tópico foi arquivado. <br /> <br /> Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
