This topic has been archived and is closed to new replies.

adrfaria

[Archived] It suddenly got slow, won't open images, etc.

Good afternoon.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:42:54, on 28/05/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17267)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: www.caixa.gov.br
O16 - DPF: {F66B9251-67CA-4D78-90A3-28C2BFAE89BF} (NBioBSP Class) - http://getran.detran.df.gov.br/sna/loginout/login/NBioBSPCOM.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.23\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8273 bytes

 

Sorry for the delay:

Rapport de ZHPFix 2014.4.7.2 par Nicolas Coolman, Update du 07/04/2014
Fichier d'export Registre :
Run by Adriano at 03/06/2015 16:54:55
High Elevated Privileges : OK
Windows 8 Enterprise Edition, 64-bit (Build 9200)

Reciclagem vazia (00mn 11s)
Prefetcher vazio

========== Chaves do Registo ==========
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz10_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz10_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_RASMANCS

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Domain) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}
ELIMINÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
ELIMINÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
ELIMINÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
ELIMINÉ: FirewallRaz (Public) : NetPres-In-TCP
ELIMINÉ: FirewallRaz (Public) : NetPres-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
ELIMINÉ: FirewallRaz (Private) : TCP Query User{135723E3-3A98-4BE2-9F94-EB2BD5D3B70B}C:\windows\kmsemulator.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{E57F03E0-0609-49E3-ACC1-E00998C65F73}C:\windows\kmsemulator.exe
ELIMINÉ: FirewallRaz (Private) : TCP Query User{744C9781-C9C2-472A-9D51-94759F95B5BF}C:\users\adriano\appdata\local\temp\kmsnano\qemu-system-i386.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{B54BB662-006D-464A-BE05-2B40F8110781}C:\users\adriano\appdata\local\temp\kmsnano\qemu-system-i386.exe
ELIMINÉ: FirewallRaz (Private) : TCP Query User{D216CA9C-DFA3-4548-94AC-C1469B45ED10}C:\program files (x86)\java\jre7\bin\javaw.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{37981122-BF18-4037-90BC-41F1E73DE91D}C:\program files (x86)\java\jre7\bin\javaw.exe
ELIMINÉ: FirewallRaz (Private) : TCP Query User{831E3E99-F0AA-4FAA-8E6E-800E0B88F361}C:\program files (x86)\java\jre7\bin\java.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{348BE8D7-3CC3-4BFE-BB90-75225CDC70A3}C:\program files (x86)\java\jre7\bin\java.exe
ELIMINÉ: FirewallRaz (Private) : TCP Query User{D3B1A617-141E-423A-A63B-65EDA77B9EBA}C:\program files\realvnc\vnc server\vncserver.exe
ELIMINÉ: FirewallRaz (Private) : UDP Query User{E8754D01-D290-4923-BB51-28B4D551695E}C:\program files\realvnc\vnc server\vncserver.exe

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Temporários windows (0)
ELIMINÉ Flash Cookies (0)

========== Ficheiros ==========
ELIMINÉ: c:\users\adriano\appdata\roaming\mozilla\firefox\profiles\otj7pmrk.default-1421580660330\extensions\{394dcba4-1f92-4f8e-8ec9-8d2cb90cb69b}\components\lightshot.dll
ELIMINÉ: c:\users\adriano\appdata\roaming\mozilla\firefox\profiles\otj7pmrk.default-1421580660330\extensions\{394dcba4-1f92-4f8e-8ec9-8d2cb90cb69b}\components\net.dll
ELIMINÉ: c:\users\adriano\appdata\roaming\mozilla\firefox\profiles\otj7pmrk.default-1421580660330\extensions\{394dcba4-1f92-4f8e-8ec9-8d2cb90cb69b}\components\uploader.dll
ELIMINÉ: C:\Windows\Installer\3643abf0.msi
ELIMINÉ Temporários windows (0) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
4 : Chaves do Registo
22 : Valores do Registo
3 : Pastas
6 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 57s

========== Caminho do ficheiro do relatório ==========
C:\Users\Adriano\AppData\Roaming\ZHP\ZHPFix[R1].txt - 03/06/2015 16:55:09 [3767]
