Gabriel Faccin

  1. Here is the Stinger log:
     McAfee® Labs Stinger™ Version 12.1.0.2635 built on Jan 12 2018 at 00:35:49 Copyright© 2015, McAfee, Inc. All Rights Reserved. AV Engine version v5900.7806 for Windows. Virus data file v1000.0 created on Jan 12, 2018 Ready to scan for 10290 viruses, trojans and variants. Custom scan initiated on domingo, janeiro 14, 2018 15:54:06 Rootkit scan result : Clean. C:\Users\pc\AppData\Local\Temp\is-1P1T6.tmp\89FB47BE [MD5:e01c529d5b80942cb51254dc1512a64e] is infected with Artemis!E01C529D5B80 C:\Users\pc\AppData\Local\Temp\is-1P1T6.tmp\89FB47BE has been Deleted C:\Users\pc\AppData\Local\Temp\is-6I066.tmp\4F3B76F4 [MD5:65bb0f8c2fe06fa53b93fec4d39bae5a] is infected with Artemis!65BB0F8C2FE0 C:\Users\pc\AppData\Local\Temp\is-6I066.tmp\4F3B76F4 has been Deleted C:\Users\pc\AppData\Local\Temp\is-6I066.tmp\9527A6C9 [MD5:f4f59cc1316867d4c5f2367dcd00a614] is infected with Artemis!F4F59CC13168 C:\Users\pc\AppData\Local\Temp\is-6I066.tmp\9527A6C9 has been Deleted C:\Users\pc\AppData\Local\Temp\is-72QRV.tmp\4D012A61 [MD5:fbe87c65b18103f213884ee4ef59ae8d] is infected with Artemis!FBE87C65B181 C:\Users\pc\AppData\Local\Temp\is-72QRV.tmp\4D012A61 has been Deleted C:\Users\pc\AppData\Local\Temp\is-EE6I2.tmp\AE8BDDF [MD5:fe5b63744ec04d185eca0dab5fc9ad00] is infected with Artemis!FE5B63744EC0 C:\Users\pc\AppData\Local\Temp\is-EE6I2.tmp\AE8BDDF has been Deleted C:\Users\pc\AppData\Local\Temp\is-HRI4L.tmp\476A518 [MD5:96749c4cf9ef84f498dfb302a243fd73] is infected with Artemis!96749C4CF9EF C:\Users\pc\AppData\Local\Temp\is-HRI4L.tmp\476A518 has been Deleted C:\Users\pc\AppData\Local\Temp\is-JPF93.tmp\5F2A16FA [MD5:c48c2c61153889bd44314ad15d743c04] is infected with Artemis!C48C2C611538 C:\Users\pc\AppData\Local\Temp\is-JPF93.tmp\5F2A16FA has been Deleted C:\Users\pc\AppData\Local\Temp\is-OA28V.tmp\86162C2A [MD5:2e0849690a26b8321d3a38b80ecfbe90] is infected with Artemis!2E0849690A26 C:\Users\pc\AppData\Local\Temp\is-OA28V.tmp\86162C2A has been Deleted
C:\Users\pc\AppData\Local\Temp\is-P4PSG.tmp\83E8DC4B [MD5:e18f3ffbac7bf134a3e2dbf279a873f7] is infected with Artemis!E18F3FFBAC7B C:\Users\pc\AppData\Local\Temp\is-P4PSG.tmp\83E8DC4B has been Deleted C:\Users\pc\AppData\Local\Temp\is-PTA03.tmp\FC6DF197 [MD5:b4d9c0c842545b2a91cf2947d440d584] is infected with Artemis!B4D9C0C84254 C:\Users\pc\AppData\Local\Temp\is-PTA03.tmp\FC6DF197 has been Deleted C:\Users\pc\AppData\Local\Temp\is-RPTMM.tmp\AC693B04 [MD5:35bb0a9b40abacafe702f69b680e4bbd] is infected with Artemis!35BB0A9B40AB C:\Users\pc\AppData\Local\Temp\is-RPTMM.tmp\AC693B04 has been Deleted C:\Users\pc\AppData\Local\Temp\is-RPTMM.tmp\B93AE233 [MD5:65bb0f8c2fe06fa53b93fec4d39bae5a] is infected with Artemis!65BB0F8C2FE0 C:\Users\pc\AppData\Local\Temp\is-RPTMM.tmp\B93AE233 has been Deleted C:\Users\pc\AppData\Local\Temp\is-UEMQB.tmp\161C4247 [MD5:9040c63b99c1fd0fa1cf4fb9e42b1ca4] is infected with Artemis!9040C63B99C1 C:\Users\pc\AppData\Local\Temp\is-UEMQB.tmp\161C4247 has been Deleted C:\Users\pc\AppData\Local\Temp\is-UUJ9J.tmp\84FB6E6E [MD5:186f51b90e94b650bb7d5b0e8b6b0ad9] is infected with Artemis!186F51B90E94 C:\Users\pc\AppData\Local\Temp\is-UUJ9J.tmp\84FB6E6E has been Deleted C:\Users\pc\AppData\Roaming\unins000.exe [MD5:14bf59d9687f453d209f7780d14f3e17] is infected with Win32/Heur.c!sti C:\Users\pc\AppData\Roaming\unins000.exe has been Deleted C:\Users\pc\Downloads\video1239.zip\video.zip\video1239.exe is infected with Artemis!ABB414C6561B C:\Users\pc\Downloads\video1239.zip\video.zip\video1239.exe has been Deleted Summary Report on C: File(s) TotalFiles:............ 841785 Clean:................. 218783 Not Scanned:........... 622986 Possibly Infected:..... 16 Time: 02:14:41 Scan completed on domingo, janeiro 14, 2018 18:08:47
  2. Here is the RogueKiller log:
     RogueKiller V12.11.31.0 (x64) [Jan 2 2018] (Free) por Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Site : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Sistema Operacional : Windows 7 (6.1.7600) 64 bits version Iniciou : Modo normal Usuário : pc [Administrador] Started from : C:\Users\pc\Desktop\RogueKiller_portable64.exe Modo : Deletar -- Data : 01/09/2018 16:22:11 (Duration : 01:32:31) ¤¤¤ Processos : 0 ¤¤¤ ¤¤¤ Registro : 20 ¤¤¤ [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 201.6.2.224 201.6.2.124 ([Brazil][Brazil]) -> Substituído () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 201.6.2.224 201.6.2.124 ([Brazil][Brazil]) -> Substituído () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{17D6D8FC-77F9-4E86-B5E7-FC45CC41AE89} | DhcpNameServer : 201.6.2.224 201.6.2.124 ([Brazil][Brazil]) -> Substituído () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{17D6D8FC-77F9-4E86-B5E7-FC45CC41AE89} | DhcpNameServer : 201.6.2.224 201.6.2.124 ([Brazil][Brazil]) -> Substituído () [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A98883F2-15FE-48F0-A442-4D9C26FB22AF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9E80D568-287C-4EF3-9601-46A0DA9D4BE5} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [x] -> Não selecionado [PUP.Gen1] (X64) 
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F8391C39-62E6-4DF8-BC24-692DAFBA4B2C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe|Name=Popcorn Time| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B621A57E-E6C5-4CB7-B41F-7B3DDDAB3F1A} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe|Name=Popcorn Time| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8A282173-96BF-4A5B-AB21-585044532B62} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\chromecast\node.exe|Name=node.exe| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9DB1829B-0907-4A78-A688-33A4A84289CA} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\chromecast\node.exe|Name=node.exe| [x] -> Não selecionado [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{932218D2-3236-48BC-8E5C-970361AC0623}C:\users\pc\appdata\local\popcorn-time\popcorn-time.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\pc\appdata\local\popcorn-time\popcorn-time.exe|Name=popcorn-time.exe|Desc=popcorn-time.exe|Defer=User| [-] -> Não selecionado [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{D9922E4F-65EC-41E2-803F-729DC3BB5403}C:\users\pc\appdata\local\popcorn-time\popcorn-time.exe : 
v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\pc\appdata\local\popcorn-time\popcorn-time.exe|Name=popcorn-time.exe|Desc=popcorn-time.exe|Defer=User| [-] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A98883F2-15FE-48F0-A442-4D9C26FB22AF} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9E80D568-287C-4EF3-9601-46A0DA9D4BE5} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\Updater.exe|Name=Updater.exe| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F8391C39-62E6-4DF8-BC24-692DAFBA4B2C} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe|Name=Popcorn Time| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B621A57E-E6C5-4CB7-B41F-7B3DDDAB3F1A} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe|Name=Popcorn Time| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {8A282173-96BF-4A5B-AB21-585044532B62} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\chromecast\node.exe|Name=node.exe| [x] -> Não selecionado [PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {9DB1829B-0907-4A78-A688-33A4A84289CA} : 
v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Popcorn Time\chromecast\node.exe|Name=node.exe| [x] -> Não selecionado [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{932218D2-3236-48BC-8E5C-970361AC0623}C:\users\pc\appdata\local\popcorn-time\popcorn-time.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\pc\appdata\local\popcorn-time\popcorn-time.exe|Name=popcorn-time.exe|Desc=popcorn-time.exe|Defer=User| [-] -> Não selecionado [Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{D9922E4F-65EC-41E2-803F-729DC3BB5403}C:\users\pc\appdata\local\popcorn-time\popcorn-time.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\pc\appdata\local\popcorn-time\popcorn-time.exe|Name=popcorn-time.exe|Desc=popcorn-time.exe|Defer=User| [-] -> Não selecionado ¤¤¤ Tarefas : 0 ¤¤¤ ¤¤¤ Arquivos : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Arquivos de hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤ ¤¤¤ Navegadores : 1 ¤¤¤ [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://mail.ru/cnt/10445?gp=811138] -> Deletado ¤¤¤ Verificação da MBR : ¤¤¤ +++++ PhysicalDrive0: ST1000DM 003-1ER162 SCSI Disk Device +++++ --- User --- [MBR] d2a0088adc707ab6febdbd874e59f2dd [BSP] 1c075e613012956b866803dc196553b1 : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK
  3. @Elias Pereira I followed all the steps you provided; the only thing I could not get was the MBAM log, because when I restarted the computer it blue-screened and the scan log was no longer there. After all the steps I ran a new scan and there were no threats. Even after doing all of this, svchost keeps running on my computer, consuming about 80 percent of the CPU. Is there anything else I can do? The workaround I found is to suspend it using Process Explorer, but that is not permanent, and even so, when I shut down the computer it blue-screens. Thanks in advance for the help.
     AdwCleaner log:
     # AdwCleaner 7.0.6.0 - Logfile created on Sat Jan 06 03:02:00 2018 # Updated on 2017/21/12 by Malwarebytes # Database: 01-05-2018.1 # Running on Windows 7 Professional (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** PUP.Optional.Legacy, Update service ***** [ Folders ] ***** PUP.Optional.Mail.Ru, C:\ProgramData\Mail.Ru PUP.Optional.Mail.Ru, C:\ProgramData\Application Data\Mail.Ru PUP.Optional.Mail.Ru, C:\Windows\System32\config\systemprofile\AppData\Local\Mail.Ru PUP.Optional.Mail.Ru, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Mail.Ru PUP.Optional.Mail.Ru, C:\Users\All Users\Mail.Ru PUP.Optional.Mail.Ru, C:\Users\pc\AppData\Local\Mail.Ru PUP.Optional.Mail.Ru, C:\Users\Todos os Usuários\Mail.Ru ***** [ Files ] ***** PUP.Optional.Legacy, C:\Users\pc\Favorites\Mail.Ru.url PUP.Optional.Legacy, C:\Users\pc\Favorites\Mail.Ru Агент - используй для общения!.url ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. 
***** [ Registry ] ***** PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Start Page [http:\\mail.ru\cnt\10445?gp=811141] PUP.Optional.Legacy, [Data] - HKCU\Software\Microsoft\Internet Explorer\Main | Start Page [http:\\mail.ru\cnt\10445?gp=811141] PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A} PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0} PUP.Optional.Conduit, [Key] - HKLM\SOFTWARE\Conduit PUP.Optional.Conduit, [Key] - HKU\S-1-5-21-2717661305-29944023-2890601375-1000\Software\Conduit PUP.Optional.Conduit, [Key] - HKCU\Software\Conduit PUP.Optional.Amigo, [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {831E3EDB-90DF-425D-9D55-0AAF92228BA2} PUP.Optional.BitCoinMiner, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{59A09B2C-E8FD-4756-ADEA-1436E9F8A74E}_is1 PUP.Optional.FastDataX, [Key] - HKU\S-1-5-21-2717661305-29944023-2890601375-1000\Software\FastDataX PUP.Optional.FastDataX, [Key] - HKCU\Software\FastDataX PUP.Optional.Mail.Ru, [Key] - HKLM\SOFTWARE\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-2717661305-29944023-2890601375-1000\Software\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-2717661305-29944023-2890601375-1000\Software\AppDataLow\Software\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mail.Ru PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru PUP.Optional.Mail.Ru, [Key] - 
HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mozilla\NativeMessagingHosts\ru.mail.go.ext_info_host ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** PUP.Optional.Legacy, SearchProvider found: MyStart Search - mystart.incredibar.com/mb139 /!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271 ************************* ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
     JRT log:
     Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 7 Professional x64 Ran by pc (Administrator) on 06/01/2018 at 1:08:46,38 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 14 Failed to delete: C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2STHOG39 (Temporary Internet Files Folder) Successfully deleted: C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUBFLBJ6 (Temporary Internet Files Folder) Successfully deleted: C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EW6ASW29 (Temporary Internet Files Folder) Successfully deleted: C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GW7R0OWV (Temporary Internet Files Folder) Successfully deleted: C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXPKBM9Z (Temporary Internet Files Folder) Successfully deleted: C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YJB1RTFO (Temporary Internet Files Folder) Successfully deleted: C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z43MS04Z (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5\2STHOG39 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUBFLBJ6 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EW6ASW29 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GW7R0OWV (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXPKBM9Z (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YJB1RTFO (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z43MS04Z (Temporary Internet Files Folder) Deleted the following from C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\2t6i8jwp.default\prefs.js user_pref(browser.search.defaultenginename, Поиск@Mail.Ru); user_pref(browser.search.selectedEngine, Поиск@Mail.Ru); user_pref(browser.startup.homepage, hxxp://mail.ru/cnt/10445?gp=811141); user_pref(extensions.homepage@mail.ru.rfr, 811141); user_pref(extensions.search@mail.ru.rfr, 811142); user_pref(extensions.webextensions.uuids, {\homepage@mail.ru\:\a9188104-f729-498f-b4a4-076d28510cdb\,\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}\:\ed2d1287-56e3-428b-b83 user_pref(extensions.xpiState, {\app-profile\:{\homepage@mail.ru\:{\d\:\C:\\\\Users\\\\pc\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\2t6i8jwp.default Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 06/01/2018 at 1:30:05,53 End of JRT log 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  4. Good evening. I have an svchost problem on my computer. I already know what it is and so on, and I have tried practically every solution I found around here. My problem starts when I turn the machine on: a prompt opens and starts something called BITSADMIN, then another prompt opens with something called GoogleUpdate installer, but neither of these uses much of the machine's CPU. The last process happens when an empty prompt opens along with a program named setup, and that is when svchost shows up in Task Manager and consumes about 75% of the machine's CPU. Every time I shut down the computer it blue-screens with the message 'recovering memory crash dump'. Can anyone help me? I don't know what else to do. Here is the HijackThis log:
     Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 01:56:57, on 18/12/2017 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16669) CHROME: 63.0.3239.84 FIREFOX: 47.0.1 (x86 pt-BR) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Program Files (x86)\Steam\Steam.exe C:\Users\pc\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe C:\Program Files (x86)\Common 
Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe C:\Users\pc\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445?gp=811141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files 
(x86)\Java\jre1.8.0_77\bin\jp2ssv.dll O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [Google Update] C:\Users\pc\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe O4 - HKCU\..\Run: [Spotify] C:\Users\pc\AppData\Roaming\Spotify\Spotify.exe --autostart O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\pc\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: bankline.itau.com.br O15 - Trusted Zone: clickbanking.itau.com.br O15 - Trusted Zone: guardiao.itau.com.br O15 - Trusted Zone: www.itau.com.br O15 - Trusted Zone: http://www.itau.com.br O15 - Trusted Zone: *.itau.com.br O15 - Trusted Zone: http://www.itaupersonnalite.com.br O17 - HKLM\System\CCS\Services\Tcpip\..\{17D6D8FC-77F9-4E86-B5E7-FC45CC41AE89}: NameServer = 
8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{17D6D8FC-77F9-4E86-B5E7-FC45CC41AE89}: NameServer = 8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\..\{17D6D8FC-77F9-4E86-B5E7-FC45CC41AE89}: NameServer = 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8 O20 - Winlogon Notify: GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - 
C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe O23 - Service: Razer Chroma SDK Service - Razer Inc. 
- C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: 
@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11566 bytes
