Forums

  1. Linha Defensiva

    1. News and Announcements

      Site news and announcements from the forum administration.

      481
      posts
    2. Forum Information

      Rules, information and FAQs about the forum.

      15
      posts
    3. Linha Defensiva Bulletin

      Bulletin archives.

      34
      posts
    4. Comments, criticism and suggestions

      If you have questions, comments, criticism, praise or suggestions about the site or forum, you can post them here.

      4,048
      posts
  2. Services

    1. Malware Removal

      Help with removing viruses, worms, trojans and spyware.
      Read the pinned topics inside the forum before posting!

      293,844
      posts
    2. Online Experiences

      Share your online experiences with stores and other service providers on the web. Read the rules carefully before posting.
      [Pre-moderated+]

      82
      posts
    3. BankerFix

      Questions, topics and problems with the banker removal tool BankerFix

      2,803
      posts
    4. ARIS-LD

      Use this forum to report malicious links or files to ARIS, Linha Defensiva's Security Incident Analysis and Response team.

      78
      posts
  3. Malware

    1. Information and FAQs

      Tutorials and information about new spyware, trojans and viruses.
      Read-only

      24
      posts
    2. Malware Questions

      Other questions about malware (viruses, trojans, worms, etc.)
      Do not post malware removal topics here

      19,204
      posts
  4. Security

    1. Security Alerts

      New virus on the loose? This is where you can warn others about it and learn about other Internet security events.
      [Pre-moderated]

      4,098
      posts
    2. General Security

      Discuss security utilities, protection methods and other security questions not covered by the forums above.

      7,736
      posts
    3. Backup programs and solutions

      Tips and questions about backup programs, media and catalogue management, and software and hardware solutions for making backup copies.

      689
      posts
    4. Networks

      Security in networks, wireless networks, use of secure proxies, and proxies and configurations that can help keep a network, its clients and its servers free from danger.

      11,550
      posts
    5. Antivirus

      Problems and questions about antivirus software

      14,331
      posts
    6. Anti-Spyware

      Questions and tutorials for anti-spyware tools (Ad-Aware, Spybot, etc.).

      5,213
      posts
    7. Firewalls and Filters

      Questions and tutorials about software and hardware firewalls, proxies and content filters.

      4,331
      posts
    8. Privacy

      Discussion about privacy and privacy-related software.

      1,529
      posts
  5. General Computing

    1. 29,162
      posts
    2. 35,784
      posts
    3. Browsers & Websites

      Discussion about browsers and FTP clients, including problems with websites and curiosities on the web.

      10,899
      posts
    4. E-mail programs and anti-spam

      Questions about e-mail services and clients and junk mail. Questions about e-mail protocols (POP, IMAP, SMTP) and anti-spam techniques can be posted here.

      2,303
      posts
    5. General Software & Internet

      Help with other software, such as Office, utilities, tools and Internet software such as P2P programs, instant messengers and others. Questions about browsers should be posted in the Browsers & Websites forum

      18,828
      posts
    6. General Discussion and Questions

      Forum for computing questions not covered by the other forums.

      12,403
      posts
    7. Programming

      General discussion about programming (C/C++/C#, Delphi, Java, Ruby, Python, etc.)

      1,172
      posts
  6. General & Entertainment

    1. Games

      Discussion and questions about games. Emulators, consoles, releases and questions.

      2,392
      posts
    2. Deskmod

      Get answers about customizing your desktop! Discover tools and exchange ideas for a more efficient and better-looking desktop.

      696
      posts
    3. Books, Comics and Manga

      Forum for exchanging opinions, reviews and discussions about books, comics and manga.

      227
      posts
    4. Movies, series, anime and music

      Forum for discussing and commenting on TV shows, movies, series, music and cartoons.

      912
      posts
    5. Casemod

      Discussion, tips, tutorials and questions about casemod.

      89
      posts
    6. Mobile phones, cameras and tablets

      Exchange ideas, opinions and experiences about mobile phones, cameras and consumer electronics (tablets, TVs, DVD players, etc.)

      1,111
      posts
  7. Others

    1. Linha Defensiva News

      News published by Linha Defensiva.

      91
      posts
    2. News

      General news about the world and about information technology.
      [Pre-moderated] [sCP]

      2,945
      posts
    3. Polls

      For posting your polls.
      [Pre-moderated] [sCP]

      2,004
      posts
    4. Round Table

      Discussions on any subject, from politics to religion. Polls on subjects outside the technology area can also be posted here.
      [Pre-moderated] [sCP]

      1,929
      posts
  • Member Statistics

    122,731
    Total Members
    820
    Most Online
    lmoreira32
    Newest Member
    lmoreira32
    Joined
  • Recent Status Updates

    • Lukass  »  Elias Pereira

      Good morning! As you asked in your first contact, I am letting you know that I have gone more than five days without a reply from you. Thank you!!
      · 0 replies
    • Rangel de Jesus

      I still have the same problem. People have already helped me, but I have not found a solution even on Google. If anyone out there can shed some light I would be very grateful. I also contacted Google support, but no reply so far, so I decided to appeal once more. Best regards.
      · 0 replies
    • Ana Paula Vieira

      Good afternoon,
      I am desperate, my netbook is sooo slow. On top of that, it opens Internet pages 12334...
      It shuts down by itself, reporting that there was a system error. And now I cannot access the Internet because it gives a page certificate error, even with the time and date correct. The antivirus reports that a threat was detected, but even after scanning I cannot fix it, nor can I upgrade to Windows 10. Please help me!!!
      · 1 reply
    • Ciro-Mota

      “Night gathers, and now my watch begins. It shall not end until my death. I shall take no wife, hold no lands, father no children. I shall wear no crowns and win no glory. I shall live and die at my post. I am the sword in the darkness. I am the watcher on the walls. I am the fire that burns against the cold, the light that brings the dawn, the horn that wakes the sleepers, the shield that guards the realms of men. I pledge my life and honor to the Night's Watch, for this night and...
      · 0 replies
    • Jayzon

      free online dating
      · 0 replies
    • deuler

      Successful people are ordinary people with extraordinary determination
      · 0 replies
    • mpvpaiva  »  Sam Spade

      Sam Spade, I don't know whether my message reached you. My topic was archived because I did not reply within the deadline; that was because I am having many problems with my notebook and network and could not post the logs. Please reopen my topic, as I now have the logs to post: http://www.linhadefensiva.org/forum/topic/167178-não-consigo-mais-entrar-no-internet-banking-da-caixa-e-o-site-está-estranho/
      · 0 replies
    • Damguimarães

      "Haste is the enemy of connection"
      · 2 replies
  • Recent Topics

  • Linha Defensiva antivirus "census"   42 members have voted

    1. Is your antivirus paid or free?


      • Free
      • Paid
    2. Which antivirus do you use?


      • AVG
      • Avast
      • Avira
      • Baidu
      • BitDefender
      • ESET
      • Kaspersky
      • MalwareBytes
      • McAfee
      • Panda
      • PSafe/Qihoo 360
      • Sophos
      • Symantec/Norton
      • Trend Micro
      • Windows Defender
      • Other software not listed

  • Latest posts

    • Gentlemen, I need a little help. I have already read up and tried a few things to fix my excessive memory consumption, disabling Windows automatic updates, web browser optimizer, etc., but nothing... The following items are consuming a lot of memory: chrome.exe svchost.exe dwn.exe core.exe Among others, and that alone already takes up more than 2GB... I am trying to upload the files requested at the link below but it gives an error (houve um erro de processamento do arquivo enviado -200). I will copy and paste below. http://www.linhadefensiva.org/remocao-de-virus/ Thank you in advance for the help and attention.
      ZA-Scan
      ZA-Scan V1.0.0.5 Updated 19-September-2016
      Tool run by Usuario on 01/10/2016 at  1:23:01,86.
      Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
      Running in: Normal Mode Internet Access Detected
      Launched: C:\Users\Usuario\Desktop\ZA-Scan.exe [Z-Analyse Scan]
      ==== Running Processes ======================
      C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
      C:\Windows\SysWOW64\svchost.exe
      C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
      C:\Program Files (x86)\systips\tipssvc.exe
      C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
      C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
      C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
      C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
      C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
      C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
      C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
      C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
      C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      C:\Users\Usuario\Desktop\ZA-Scan.exe
      C:\Windows\SysWOW64\cmd.exe
      C:\Windows\SysWOW64\cmd.exe
      C:\Windows\SysWOW64\cmd.exe
      C:\Users\Usuario\AppData\Local\Temp\ZAScan.exe
      ==== Services(whitelist) ======================
      Powered by E Dev
      R2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\av\avgidsagenta.exe
      R2 - [avgsvc] - AVG Service - c:\program files (x86)\avg\framework\common\avgsvca.exe
      R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\av\avgwdsvca.exe
      R2 - [GbpSv] - Gbp Service - c:\progra~2\gbplugin\gbpsv.exe
      R2 - [HPDrvMntSvc.exe] - HP Quick Synchronization Service - c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe
      R2 - [HPSupportSolutionsFrameworkService] - HP Support Solutions Framework Service - c:\program files (x86)\hewlett-packard\hp support solutions\hpsupportsolutionsframeworkservice.exe
      R2 - [IAANTMON] - Intel(R) Matrix Storage Event Monitor - c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe
      R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
      R2 - [RtVOsdService] - RtVOsdService Installer - c:\program files\realtek\rtvosd\rtvosdservice.exe
      R2 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe
      R2 - [UNS] - Intel(R) Management & Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
      R2 - [vToolbarUpdater40.3.6] - vToolbarUpdater40.3.6 - c:\program files (x86)\common files\avg secure search\vtoolbarupdater\40.3.6\toolbarupdater.exe
      R2 - [Warsaw Technology] - Warsaw Technology - c:\program files\diebold\warsaw\core.exe
      R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
      R2 - [WtuSystemSupport] - WtuSystemSupport - c:\program files (x86)\avg web tuneup\wtusystemsupport.exe
      R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
      R3 - [hpqwmiex] - HP Software Framework Service - c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe
      R3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe
      R3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
      R4 - [AERTFilters] - Andrea RT Filters Service - c:\program files\realtek\audio\hda\aertsr64.exe
      S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
      S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
      S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe
      S2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
      S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe
      S3 - [AvgAMPS] - AvgAMPS - c:\program files (x86)\avg\av\avgamps.exe
      S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
      S3 - [ehRecvr] - Serviço Receptor do Windows Media Center - c:\windows\ehome\ehrecvr.exe
      S3 - [ehSched] - Serviço Agendador do Windows Media Center - c:\windows\ehome\ehsched.exe
      S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
      S3 - [hpqcaslwmiex] - HP CASL Framework Service - c:\program files (x86)\hp\shared\hpqwmiex.exe
      S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
      S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - c:\program files (x86)\microsoft office\office12\grooveauditservice.exe
      S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe
      S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
      S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files (x86)\common files\microsoft shared\office12\odserv.exe
      S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
      S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe
      S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe
      S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe
      S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe
      S3 - [WatAdminSvc] - Serviço de Tecnologias de Ativação do Windows - c:\windows\system32\wat\watadminsvc.exe
      S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe
      S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
      S4 - [aspnet_state] - Serviço de estado do ASP.NET - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
      S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
      S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
      S4 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
      S4 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
      S4 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
      S4 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
      ==== Drivers(whitelist) ======================
      Powered by E Dev
      R0 - [AVGIDSHA] - AVGIDSHA - C:\Windows\system32\Drivers\AVGIDSHA.sys
      R0 - [Avgloga] - AVG Logging Driver - C:\Windows\system32\Drivers\Avgloga.sys
      R0 - [Avgmfx64] - AVG Mini-Filter Resident Anti-Virus Shield - C:\Windows\system32\Drivers\Avgmfx64.sys
      R0 - [Avgrkx64] - AVG Anti-Rootkit Driver - C:\Windows\system32\Drivers\Avgrkx64.sys
      R0 - [avguniva] - AVG Universal Driver - C:\Windows\system32\Drivers\avguniva.sys
      R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
      R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
      R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
      R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
      R3 - [srv] - Driver SMB 1.xxx do Servidor - C:\Windows\system32\Drivers\srv.sys
      R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\Windows\system32\Drivers\srv2.sys
      R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
      R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys
      R0 - [atapi] - Canal de IDE - C:\Windows\system32\Drivers\atapi.sys
      R0 - [CLFS] - Log Comum (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]
      R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
      R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\Windows\system32\Drivers\Compbatt.sys
      R0 - [Disk] - Driver de disco - C:\Windows\system32\Drivers\Disk.sys
      R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\Windows\system32\Drivers\fvevol.sys
      R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
      R0 - [iaStor] - Intel AHCI Controller - C:\Windows\system32\Drivers\iaStor.sys
      R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
      R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
      R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\Windows\system32\Drivers\mountmgr.sys
      R0 - [msahci] - msahci - C:\Windows\system32\Drivers\msahci.sys
      R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
      R0 - [NDIS] - Driver do Sistema NDIS - C:\Windows\system32\Drivers\NDIS.sys
      R0 - [partmgr] - Gerenciador de Partições - C:\Windows\system32\Drivers\partmgr.sys
      R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
      R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
      R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
      R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys
      R0 - [storflt] - Driver de Filtro de Aceleração do Barramento da Máquina Virtual do Disco - C:\Windows\system32\Drivers\storflt.sys [x]
      R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\Windows\system32\Drivers\Tcpip.sys
      R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\Windows\system32\Drivers\vdrvroot.sys
      R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
      R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\Windows\system32\Drivers\volmgrx.sys
      R0 - [volsnap] - Volumes de armazenamento - C:\Windows\system32\Drivers\volsnap.sys
      R0 - [Wdf01000] - Serviço de Estruturas de Driver em Modo Kernel - C:\Windows\system32\Drivers\Wdf01000.sys
      R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
      R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
      R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\Windows\system32\Drivers\tdx.sys
      R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
      S0 - [gbpddreg] - Gbpddreg svc - C:\Windows\system32\Drivers\gbpddreg.sys [x]
      ==== Startup Registry Enabled ======================
      [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
      [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
      [HKEY_USERS\S-1-5-21-2036730855-49574393-3906869275-1000\Software\Microsoft\Windows\CurrentVersion\Run]
      "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe"
      [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "mctadmin"="C:\Windows\System32\mctadmin.exe"
      [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
      "mctadmin"="C:\Windows\System32\mctadmin.exe"
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
      "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=fmw"
      "AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe"
      "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
      "vProt"="C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
      "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      "WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
      "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
      [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
      "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe"
      ==== Startup Registry Enabled x64 ======================
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "IgfxTray"="C:\Windows\system32\igfxtray.exe"
      "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
      "Persistence"="C:\Windows\system32\igfxpers.exe"
      "Diebold - Warsaw"="C:\Program Files\Diebold\Warsaw\core.exe"
      "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
      "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
      "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
      ==== Startup Registry Disabled x64 ======================
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="CCleaner Monitoring"
      "hkey"="HKCU"
      "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="LightScribe Control Panel"
      "hkey"="HKCU"
      "command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon Message Center 2]
      "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Nikon Message Center 2"
      "hkey"="HKLM"
      "command"="C:\\Program Files (x86)\\Nikon\\Nikon Message Center 2\\NkMC2.exe -s"
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AERTFilters]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\YSearchUtilSvc]
      ==== Startup Folders ======================
      2016-05-21 22:41:20    2099    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
      ==== Task Scheduler Jobs ======================
      C:\Windows\tasks\G2MUpdateTask-S-1-5-21-2036730855-49574393-3906869275-1000.job --a------ C:\Users\Usuario\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe [18/09/2016 20:23]
      C:\Windows\tasks\G2MUploadTask-S-1-5-21-2036730855-49574393-3906869275-1000.job --a------ C:\Users\Usuario\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe [18/09/2016 20:23]
      C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/04/2016 22:21]
      C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/04/2016 22:21]
      ==== Other Scheduled Tasks ======================
      "C:\Windows\SysNative\tasks\AVG EUpdate Task" [avgsetupx.exe]
      "C:\Windows\SysNative\tasks\CatchVideoUpdater" [C:\Program Files (x86)\Catch Video\CatchYouTubeUpdate.exe]
      "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
      "C:\Windows\SysNative\tasks\G2MUpdateTask-S-1-5-21-2036730855-49574393-3906869275-1000" [C:\Users\Usuario\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe]
      "C:\Windows\SysNative\tasks\G2MUploadTask-S-1-5-21-2036730855-49574393-3906869275-1000" [C:\Users\Usuario\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe]
      "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
      "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
      "C:\Windows\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"]
      "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
      "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
      "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
      "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
      "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
      "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
      "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
      ==== Firefox Start and Search pages ======================
      ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\p7qmh0kl.default-1464873677307
      user_pref("browser.startup.homepage", "www.google.com.br");
      ==== Firefox Extensions Registry ======================
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
      "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11/04/2016 22:58]
      [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
      "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11/04/2016 22:58]
      ==== Firefox Extensions ======================
      ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\p7qmh0kl.default-1464873677307
      - AVG Web TuneUp - %ProfilePath%\extensions\avg@toolbar.xpi
      - Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
      - Search and New Tab by Yahoo - %ProfilePath%\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
      AppDir: C:\Program Files (x86)\Mozilla Firefox
      - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
      ==== Firefox Plugins ======================
      Profilepath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\p7qmh0kl.default-1464873677307
      1959AF26718C63AA015D7C4F5C1F538B    - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll -    Shockwave for Director / Shockwave for Director
      7FB1DC8C464CAFC230E7AD6392AE859B    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll -    Shockwave Flash
      E3B4EA121F7BDEB0F6366E2BA9608CB5    - C:\Users\Usuario\AppData\Local\Citrix\Plugins\104\npappdetector.dll -    Citrix Online Web Deployment Plugin 1.0.0.104
      ==== Fake Chromium Profiles Check ======================
      Fake profile C:\Users\boibraga\AppData\Local\Google\Chrome Found
      Fake profile C:\Users\teste\AppData\Local\Google\Chrome Found
      ==== Chromium Look ======================
      Google Chrome Version: 43.0.2357.130
      HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
      flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
      kpdmjodecdegfglgaapafjleomjjlpnh - No path found[]
      HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
      chfdnecihphmhljaaejmgoiahnihplgn - No path found[]
      GBBD Banco Santander (Brasil) S.A. - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnljhnpjegfbcohjhdnhjlnfnffmbnf
      TZWebChartWindow - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab
      Chrome Web Store Payments - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
      GBBD Caixa Economica Federal - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
      Gmail - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
      Chrome Media Router - Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
      Google Docs - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
      Google Drive - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
      YouTube - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      AVG Web TuneUp - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
      Google Docs Offline - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
      GBBD Banco Santander (Brasil) S.A. - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idnljhnpjegfbcohjhdnhjlnfnffmbnf
      TZWebChartWindow - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab
      Chrome Web Store Payments - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
      GBBD Caixa Economica Federal - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi
      Gmail - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
      Chrome Media Router - Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
      ==== IE Start and Search Settings ======================
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP"
      [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
      "Default_Search_URL"="http://www.google.com"
      "Search Page"="http://www.google.com"
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
      "Default_Search_URL"="http://www.google.com"
      "Search Page"="http://www.google.com"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      ==== All HKLM and HKCU SearchScopes ======================
      HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE08
      HKCU\SearchScopes\{885DBDDD-AE2F-4492-851F-2C8B5FE6A04A} - https://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
      HKCU\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} - https://mysearch.avg.com/search?cid={C9B7866F-D65D-4B3B-9980-A2DCE87B352E}&mid=6702113e333a47ccb2a61943ef223015-8fd9be40219a59e70050ea6f74c42141e693c177&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-09
      ==== HijackThis Entries ======================
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = web/?type=dspp&q={searchTerms}
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = web/?type=dspp&q={searchTerms}
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
      F2 - REG:system.ini: UserInit=userinit.exe,
      O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
      O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll
      O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
      O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll
      O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
      O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
      O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
      ==== EOF on 01/10/2016 at  1:31:43,14 ======================
      FSS-Scan
      Farbar Service Scanner Version: 27-01-2016
      Ran by Usuario (administrator) on 01-10-2016 at 01:20:53
      Running from "C:\Users\Usuario\Desktop"
      Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
      Boot Mode: Normal
      ****************************************************************
      Internet Services:
      ============
      Connection Status:
      ==============
      Localhost is accessible.
      LAN connected.
      Google IP is accessible.
      Google.com is accessible.
      Yahoo.com is accessible.
      Windows Firewall:
      =============
      Firewall Disabled Policy: 
      ==================
      System Restore:
      ============
      System Restore Policy: 
      ========================
      Action Center:
      ============
      Windows Update:
      ============
      wuauserv Service is not running. Checking service configuration:
      The start type of wuauserv service is set to Disabled. The default start type is Auto.
      The ImagePath of wuauserv service is OK.
      The ServiceDll of wuauserv service is OK.
      Windows Autoupdate Disabled Policy: 
      ============================
      Windows Defender:
      ==============
      WinDefend Service is not running. Checking service configuration:
      The start type of WinDefend service is OK.
      The ImagePath of WinDefend service is OK.
      The ServiceDll of WinDefend service is OK.
      Windows Defender Disabled Policy: 
      ==========================
      Other Services:
      ==============
      File Check:
      ========
      C:\Windows\System32\nsisvc.dll => MD5 is legit
      C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
      C:\Windows\System32\dhcpcore.dll => MD5 is legit
      C:\Windows\System32\drivers\afd.sys
      [2016-05-10 00:34] - [2015-10-13 13:41] - 0497664 ____A (Microsoft Corporation) 9A4A1EEE802BF2F878EE8EAB407B21B7
      C:\Windows\System32\drivers\tdx.sys
      [2016-05-10 00:34] - [2015-10-13 13:40] - 0118272 ____A (Microsoft Corporation) AA77EB517D2F07A947294F260E3ACA83
      C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
      C:\Windows\System32\dnsrslvr.dll => MD5 is legit
      C:\Windows\System32\dnsapi.dll
      [2014-03-16 02:12] - [2014-03-16 02:12] - 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D
      C:\Windows\SysWOW64\dnsapi.dll
      [2014-03-16 02:12] - [2014-03-16 02:12] - 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9
      C:\Windows\System32\mpssvc.dll => MD5 is legit
      C:\Windows\System32\bfe.dll => MD5 is legit
      C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
      C:\Windows\System32\SDRSVC.dll => MD5 is legit
      C:\Windows\System32\vssvc.exe => MD5 is legit
      C:\Windows\System32\wscsvc.dll => MD5 is legit
      C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
      C:\Windows\System32\wuaueng.dll
      [2016-05-10 00:34] - [2016-02-12 15:22] - 2610688 ____A (Microsoft Corporation) 86F11B85102AFA6A1A6101DCE2F09386
      C:\Windows\System32\qmgr.dll => MD5 is legit
      C:\Windows\System32\es.dll => MD5 is legit
      C:\Windows\System32\cryptsvc.dll
      [2016-05-10 12:11] - [2015-04-27 16:23] - 0188416 ____A (Microsoft Corporation) 7BC3E861F7E8EB543A630090FAE779E0
      C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
      C:\Windows\System32\svchost.exe => MD5 is legit
      C:\Windows\System32\rpcss.dll
      [2016-05-10 09:35] - [2016-02-02 15:57] - 0511488 ____A (Microsoft Corporation) 622C96AFB07BB82C8650B47172137AC4
      **** End of log ****
      MBR-Scan
      MBRScan v1.1.1
      OS             : Windows 7 Service Pack 1 (64 bit)
      PROCESSOR      : Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
      BOOT           : Normal Boot
      DATE           : 2016/10/01 (ISO 8601) at 01:14:13
      ________________________________________________________________________________
      DISK           : Device\Harddisk0\DR0 __ST500LM0 12 HN-M500MB (2BA3)
      BUS_TYPE       : (0x03)  P-ATA
      USE_PIO        : NO
      MAX_TRANSFER   : 128 Kb
      ALIGNMENT_MASK : word aligned
      ________________________________________________________________________________
      Device\Harddisk0\DR0    465.8 Go  [Fixed] ==> 7 MBR Code
      MBR_MD5   : 2D1741856F1310D83C1BA0E2255D874E
      MBR_SHA1  : 522EA49851B94E9537ACCA7B12101EE4BA958468
      Device\Harddisk0\Partition1    100.0 Mo      0x07 NTFS / HPFS __ BOOTABLE __
      Device\Harddisk0\Partition2    465.7 Go      0x07 NTFS / HPFS
      ________________________________________________________________________________
      BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)
      SystemStartOptions :  NOEXECUTE=OPTIN
    • Hello, Elias. Sorry for the double post without waiting for your reply, but I think it is worth reporting this. Since the scans were run, the problem has apparently gone away. I have been browsing since the day the cleanup was done, and so far the problem has not come back. You can mark this as resolved. My sincere thanks, truly!
    • Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 30-09-2016
      Executado por Particular (30-09-2016 23:29:13) Run:1
      Executando a partir de C:\Users\Particular\Desktop
      Perfis Carregados: Particular (Perfis Disponíveis: Particular)
      Modo da Inicialização: Normal
      ==============================================
      fixlist Conteúdo:
      *****************
      start
      CreateRestorePoint:
      ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu-Security-2014-4.4.4.82804\Baidu Antivirus\5.4.3.115722.0\BavShx64.dll Nenhum Arquivo
      SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
      SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
      SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
      SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
      FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-08]
      FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      U3 aw7ep2b0; C:\Windows\System32\Drivers\aw7ep2b0.sys [0 ] (Advanced Micro Devices) <==== ATENÇÃO (zero byte Arquivo/Pasta)
      2014-09-27 10:10 - 2014-09-27 10:10 - 0000020 _____ () C:\ProgramData\bc.ini
      2015-07-05 17:33 - 2015-07-05 17:33 - 0000229 _____ () C:\ProgramData\nbc.ini
      ShortcutWithArgument: C:\Users\Particular\AppData\Local\Google\Chrome\User Data\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
      ShortcutWithArgument: C:\Users\Particular\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
      AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]
      AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg== [32]
      AlternateDataStreams: C:\Windows\System32:770CAF84_Uni.gbp [2]
      AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [1270]
      AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [1198]
      AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
      EmptyTemp:
      end
       
      *****************

      Ponto de Restauração criado com sucesso.
      "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock" => chave removido (a) com sucesso.
      "HKCR\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}" => chave removido (a) com sucesso.
      HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
      "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}" => chave removido (a) com sucesso.
      HKCR\CLSID\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} => chave não encontrado (a).
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor restaurado com sucesso
      "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => chave removido (a) com sucesso.
      HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} => chave não encontrado (a).
      HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
      HKLM\Software\Mozilla\Firefox\Extensions\\sp@avast.com => valor removido (a) com sucesso.
      "C:\Program Files\AVAST Software\Avast\SafePrice\FF" pasta mover:
      Não pode ser movido "C:\Program Files\AVAST Software\Avast\SafePrice\FF" => Agendado para ser movido na reinicialização.
      HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\sp@avast.com => valor removido (a) com sucesso.
      "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => chave removido (a) com sucesso.
      aw7ep2b0 => serviço não encontrado (a).
      C:\ProgramData\bc.ini => movido com sucesso
      C:\ProgramData\nbc.ini => movido com sucesso
      C:\Users\Particular\AppData\Local\Google\Chrome\User Data\Inicializador de aplicativos do Google Chrome.lnk => Atalho argumento removido (a) com sucesso..
      C:\Users\Particular\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Inicializador de aplicativos do Google Chrome.lnk => Atalho argumento removido (a) com sucesso..
      C:\Program Files (x86)\GbPlugin => ":IncompleteStartProcessProtection.cnt" ADS removido (a) com sucesso..
      C:\Program Files (x86)\GbPlugin => ":u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==" ADS removido (a) com sucesso..
      C:\Windows\System32 => ":770CAF84_Uni.gbp" ADS removido (a) com sucesso..
      C:\Windows\system32\Drivers\gbpddfac64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso..
      C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aGXs4" ADS removido (a) com sucesso..
      C:\ProgramData\TEMP => ":56E2E879" ADS removido (a) com sucesso..

      =========== EmptyTemp: ==========

      BITS transfer queue => 8388608 B
      DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 142002149 B
      Java, Flash, Steam htmlcache => 224086615 B
      Windows/system/drivers => 1554365 B
      Edge => 0 B
      Chrome => 554030261 B
      Firefox => 469421371 B
      Opera => 0 B

      Temp, IE cache, history, cookies, recent:
      Default => 0 B
      Public => 0 B
      ProgramData => 0 B
      systemprofile => 33253 B
      systemprofile32 => 40635 B
      LocalService => 0 B
      NetworkService => 0 B
      Particular => 118591603 B

      RecycleBin => 0 B
      EmptyTemp: => 1.4 GB de dados temporários Removidos.

      ================================

      Resultado dos arquivos que foram agendados para serem movidos (Modo de Inicialização: Normal) (Data&Hora: 30-09-2016 23:33:45)

      "C:\Program Files\AVAST Software\Avast\SafePrice\FF" => Não pode ser movido

      ==== Fim de Fixlog 23:33:46 ====
    • I followed the whole procedure in the tutorial, but the option below does not appear the way it is shown below. The result is the folder with my documents. Even after enabling the option to show hidden and protected operating system files and folders, I did not find any folder containing the DLLs mentioned. Could you please give me the full path?
    • I ran the procedure from post 8 again, because the program was not present on the administrator account, and then I carried out the procedure requested in the last post.

      * I have attached all the procedures performed and what was requested in the last post.

        Fixlog.txt Addition.txt FRST.txt
    • Good evening Ciro-Mota, here is the FRST64 log: Fixlog.txt Note: Once again I could only run FRST64 in safe mode; otherwise the program froze right after starting. Thanks.
    • Hi, it is still slow, my friend. When I open the task manager, what is using the most CPU is Firefox... the PC keeps resetting by itself and crashing.
    • ZA-Scan 300916.txt FSS 300916.txt MbrScan 300916.txt