Fóruns

  1. Linha Defensiva

    1. Novidades e Avisos

      Novidades do site e avisos da administração do fórum.

      481
      posts
    2. Informações do Fórum

      Regras, informações e FAQs sobre o fórum.

      15
      posts
    3. Boletim Linha Defensiva

      Arquivos do Boletim.

      34
      posts
    4. Comentários, críticas e sugestões

      Se você tem dúvidas, comentários, críticas, elogios ou sugestões sobre o site ou fórum, você pode postar aqui.

      4.052
      posts
  2. Serviços

    1. Remoção de Malware

      Ajuda para a remoção de vírus, worms, trojans e spyware.
      Leia os tópicos destacados dentro do fórum antes de postar!

      298.935
      posts
    2. Experiências Online

      Divida suas experiências online em lojas e outros prestadores de serviço na web. Observe atentamente as regras antes de postar.
      [Pré-moderado+]

      82
      posts
    3. BankerFix

      Dúvidas, tópicos e problemas com a ferramenta de remoção de Bankers BankerFix

      2.803
      posts
    4. ARIS-LD

      Use este fórum para fazer denúncias de links ou arquivos maliciosos ao ARIS, o time de Análise e Resposta a Incidentes de Segurança da Linha Defensiva.

      78
      posts
  3. Malware

    1. Informações e FAQs

      Tutoriais e informações sobre novos spywares, trojans e vírus.
      Somente leitura

      24
      posts
    2. Dúvidas sobre Malware

      Outras dúvidas sobre malware (vírus, trojans, worms, etc)
      Não coloque tópicos para remoção de malware aqui

      19.264
      posts
  4. Segurança

    1. Alertas de Segurança

      Novo vírus à solta? É aqui que você pode avisar sobre ele e ficar sabendo de outros acontecimentos da segurança na Internet.
      [Pré-moderado]

      4.101
      posts
    2. Segurança Geral

      Discuta sobre utilitários de segurança, métodos de proteção e outras dúvidas sobre segurança que não sejam sobre os assuntos dos fóruns acima.

      7.753
      posts
    3. Programas e soluções de backup

      Dicas e dúvidas sobre programas de backup, gerenciamento de mídias e catálogos, soluções de software e hardware para criação de cópias de segurança.

      691
      posts
    4. Redes

      Segurança em redes, redes sem fio, utilização de proxies seguros, proxies e configurações que podem ajudar uma rede, seus clientes e servidores a estarem livre de perigos.

      11.681
      posts
    5. Antivírus

      Problemas e dúvidas sobre antivírus

      14.378
      posts
    6. Anti-Spywares

      Dúvidas e tutorials para Anti-Spywares (Ad-Aware, Spybot, etc).

      5.214
      posts
    7. Firewalls e Filtros

      Dúvidas e tutoriais sobre software e hardware firewalls, proxies e filtros de conteúdo.

      4.332
      posts
    8. Privacidade

      Discussão sobre privacidade e softwares relacionados a privacidade.

      1.529
      posts
  5. Computação Geral

    1. 29.263
      posts
    2. 36.048
      posts
    3. Navegadores & Websites

      Discussão sobre navegadores e clientes FTP, incluindo problemas com websites e curiosidades na web.

      10.923
      posts
    4. Programas de e-mail e anti-spam

      Dúvidas sobre serviços e clientes de e-mail e lixo eletrônico. Questões sobre protocolos de e-mail (POP, IMAP, SMTP) e técnicas anti-spam podem ser colocadas aqui.

      2.306
      posts
    5. Software Geral & Internet

      Ajuda com outros softwares, como Office, utilitários, ferramentas e softwares de Internet como programas P2P, comunicadores instantâneos e outros. Dúvidas sobre navegadores devem ser colocadas no fórum Navegadores & Websites

      18.853
      posts
    6. Discussão e Dúvidas Gerais

      Fórum para dúvidas sobre computação que não estão incluídas nos outros fóruns.

      12.451
      posts
    7. Programação

      Discussão geral sobre programação (C/C++/C#, Delphi, Java, Ruby, Python, etc)

      1.184
      posts
  6. Geral & Entretenimento

    1. Jogos

      Discussão e dúvidas sobre jogos. Emuladores, consoles, lançamentos e dúvidas.

      2.402
      posts
    2. Deskmod

      Tire dúvidas sobre a personalização do seu desktop! Conheça ferramentas e troque idéias para ter uma área de trabalho mais eficiente e bonita.

      696
      posts
    3. Livros, HQs e Mangás

      Fórum para troca de opiniões, resenhas e discussões sobre livros, histórias em quadrinhos e mangás.

      228
      posts
    4. Filmes, séries, animes e músicas

      Fórum para discutir e comentar shows de TV, filmes, seriados, músicas e desenhos animados.

      913
      posts
    5. Casemod

      Discussão, dicas, tutoriais e dúvidas sobre casemod.

      89
      posts
    6. Celulares, câmeras e tablets

      Troque idéias, opiniões e experiências sobre telefones móveis, câmeras fotográficas e eletrônicos de consumo (tablets, TVs, DVD players, etc)

      1.120
      posts
  7. Outros

    1. Notícias da Linha Defensiva

      Notícias publicadas pela Linha Defensiva.

      91
      posts
    2. Notícias

      Notícias gerais sobre o mundo e sobre tecnologia da informação.
      [Pré-moderado] [sCP]

      2.945
      posts
    3. Enquetes

      Para postar suas enquetes.
      [Pré-moderado] [sCP]

      2.004
      posts
    4. Mesa Redonda

      Discussões sobre qualquer tema, da política à religião. Enquetes sobre assuntos que não se enquadram na área de tecnologia também podem ser postadas aqui.
      [Pré-moderado] [sCP]

      1.929
      posts
  • Quem Está Online   0 Membros, 0 Anônimos, 14 Visitantes (lista completa)

    Não há membros online no momento

  • Estatísticas de Usuários

    123.379
    Membros
    820
    Recorde Online
    jsmtec
    Membro Mais Novo
    jsmtec
    Registro em
  • Atualizações Recentes de Status

    • Zumbaria  »  Sam Spade

      boa noite preciso reativar o forum 
      não consegui responder pois estava em viagem agora estou de retorno e preciso resolver sobre com urgencia pois o computDOR QUE esta com problema deve ser usadoneste fim de semana sem o problema do mesmo
      · 0 respostas
    • Minecraftado

      Quando você fica 2 anos sem entrar no fórum e quando volta percebe que seu português era uma porcaria kkk!
      · 1 resposta
    • glauber  »  Ciro-Mota

      Olá Ciro,
      Como você já me orientou e me ajudou por várias vezes para resolver problemas no meu computador eu gostaria de saber porque algumas pessoas de outro fórum acharam que este tópico que postei aqui
      http://www.linhadefensiva.org/forum/forum/31-discussão-e-dúvidas-gerais/
      era um problema de uma chave hiper maliciosa. Você informou que não tinha problemas com malware e enviou para o fórum de discussão e dúvidas gerais.
      Veja o que alguns colegas seus falaram desta chave aqui no outro fórum:
      A chave que me refiro é esta: CoreJpeg HKCU\Software\CoreJpeg
      Post no outro fórum está abaixo:
      http://www.hardware.com.br/comunidade/backup-computador/1428398/#post7596660
      Aguardo seus comentários.
       
      · 1 resposta
    • yellowman  »  Ciro-Mota

      Boa Tarde Ciro,
      Posso deletar as ferramentas de limpeza?
      · 1 resposta
    • glauber  »  Ciro-Mota

      Olá Ciro,
      Porque este meu tópico abaixo foi removido da seção de problemas com malwares?
      http://www.linhadefensiva.org/forum/forum/31-discussão-e-dúvidas-gerais/
      Aproveito para lhe perguntar a respeito do problema como o Excel e com o mouse.
      Não sei o que houve no Excel 2016, mas as planilhas ficaram meio confusas com uma cor verde após eu ter feito algumas desinstalações de alguns produtos do Windows. Parece que ficou otimizado demais, está muito rápido para mover o cursor e eu gostaria de deixar como estava antes. Além disso, a autosoma também ficou muito confusa com relação as operações.
      O outro problema que vem ocorrendo é apenas quando abro os e-mails com outlook express. As mensagens conforme clico com o botão esquerdo, funcionam apenas com o botão direito do mouse. Mas, isso ocorre mais na inicialização. Depois de alguns minutos volta a funcionar normalmente.
      Parece que há algum estranho na inicialização. Não sei se tem alguma relação com o registro do Windows que parece que está otimizado demais. Eu cheguei a usar um programa que deixava o computador otimizado e depois desinstalei ele. Mas, parece que algo ficou ainda otimizado e deixou alguns softwares que utilizo mais rápidos que o normal.
      O que você me recomenda fazer nestes casos para resolver isso?
       
       
       
       
       
       
       
       
      · 1 resposta
    • Lukass  »  Elias Pereira

      Bom dia! Conforme pediu no seu primeiro contato, estou lhe avisando que estou a mais de cinco dias sem resposta sua. Obrigado!!
      · 0 respostas
    • Rangel de Jesus

      Ainda estou com o mesmo problema. Já ajudaram a mim, mas nem no google encontrei solução. Se alguém ai possuir uma luz agradecerei muito. Entrei em contato com o suporte Google também, mas nada de resposta até agora, então, resolvi apelar mais uma vez. Um abraço.
      · 0 respostas
    • Ana Paula Vieira

      Boa tarde,
      Estou desesperada, meu netbook está muitooo lento. Além disso, abre páginas da Internet 12334...
      Desliga sozinho, informando que houve um erro no sistema. E agora não estou conseguindo acessar a Internet porque dá erro de certificado da página, mesmo a hora e a data estando corretas. O antivírus acusa que uma ameaça foi detectada, mas mesmo escaneando não consigo resolver e nem atualizar para o Windows 10. Por favor, me ajudem!!!
      · 1 resposta
    • Ciro-Mota

      “A noite chega, e agora começa a minha vigia. Não terminará até a minha morte. Não tomarei esposa, não possuirei terras, não gerarei filhos. Não usarei coroas e não conquistarei glórias. Viverei e morrerei no meu posto. Sou a espada na escuridão. Sou o vigilante nas muralhas. Sou o fogo que arde contra o frio, a luz que traz consigo a alvorada, a trombeta que acorda os que dormem, o escudo que defende os reinos dos homens. Dou a minha vida e a minha honra à Patrulha da Noite, por esta noite e...
      · 0 respostas
    • Jayzon

      rencontre internet gratuit
      · 0 respostas
  • Tópicos Recentes

  • "Censo" de antivírus da Linha Defensiva   56 votos

    1. 1. Seu antivírus é pago ou gratuito?


      • Gratuito
      • Pago
    2. 2. Qual antivírus você usa?


      • AVG
      • Avast
      • Avira
      • Baidu
      • BitDefender
      • ESET
      • Kaspersky
      • MalwareBytes
      • McAfee
      • Panda
      • PSafe/Qihoo 360
      • Sophos
      • Symantec/Norton
      • Trend Micro
      • Windows Defender
      • Outro software não listado

    Please sign in or register to vote in this poll. View topic
  • Últimos posts

    • Ola, meu pc está desde ha um dia iniciando muito lentamente, o logo windows fica rodando e so ao fim de algum um tempo o pc inicia...primeiro sintoma que notei antes de ficar assim foi quando estava fazendo um texto no bloco de notas e de repente começa o windows sozinho a abrir multiplos blocos de nota em branco e enquanto tentava colar algo no bloco de notas que estava fazendo, o pc sozinho fazia um paragrafo de cerca de 20 linhas...sem nada escrito. Desde aí que ficou lento e fazendo crash e resentando sozinho. Qualquer ajuda agradeço, abraço.  
      ZA-Scan V1.0.0.5 Updated 19-September-2016
      Tool run by Jo on 24-01-2017 at  3:07:31.75.
      Microsoft® Windows Vista™ Home Basic  6.0.6002 Service Pack 2 x86
      Running in: Safe Mode NETWORK Internet Access Detected
      Launched: C:\Users\Jo\Downloads\ZA-Scan.exe [Z-Analyse Scan] ==== Running Processes ====================== C:\Windows\System32\smss.exe
      C:\Windows\system32\csrss.exe
      C:\Windows\system32\csrss.exe
      C:\Windows\system32\wininit.exe
      C:\Windows\system32\winlogon.exe
      C:\Windows\system32\services.exe
      C:\Windows\system32\lsass.exe
      C:\Windows\system32\lsm.exe
      C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
      C:\Windows\Explorer.EXE
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Windows\system32\DllHost.exe
      C:\Users\Jo\AppData\Roaming\Enigma Software Group\sh_installer.exe
      C:\Users\Jo\Downloads\AdwCleaner.exe
      C:\Users\Jo\Downloads\ZA-Scan.exe
      C:\Users\Jo\AppData\Local\temp\ZAScan.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\svchost.exe -k rpcss
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted ==== Services(whitelist) ======================
      Powered by E Dev R2 - [!SASCORE] - SAS Core Service - c:\program files\superantispyware\sascore.exe
      S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
      S2 - [dbupdate] - Dropbox Update Service (dbupdate) - c:\program files\dropbox\update\dropboxupdate.exe
      S2 - [DbxSvc] - DbxSvc - c:\windows\system32\dbxsvc.exe
      S2 - [gupdate] - Serviço Google Update (gupdate) - c:\program files\google\update\googleupdate.exe
      S2 - [MBAMService] - MBAMService - c:\program files\malwarebytes anti-malware\mbamservice.exe
      S2 - [slsvc] - Licenciamento de Software - c:\windows\system32\slsvc.exe
      S2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
      S3 - [ALG] - Serviço de gateway de camada de aplicação - c:\windows\system32\alg.exe
      S3 - [aspnet_state] - Serviço de Estado do ASP.NET - c:\windows\microsoft.net\framework\v4.0.30319\aspnet_state.exe
      S3 - [COMSysApp] - Aplicação de sistema COM+ - c:\windows\system32\dllhost.exe
      S3 - [dbupdatem] - Dropbox Update Service (dbupdatem) - c:\program files\dropbox\update\dropboxupdate.exe
      S3 - [DFSR] - Replicação de DFS - c:\windows\system32\dfsr.exe
      S3 - [FLEXnet Licensing Service] - FLEXnet Licensing Service - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
      S3 - [FontCache3.0.0.0] - Cache de Tipos de Letra do Arquitectura de Apresentação do Windows 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
      S3 - [gupdatem] - Serviço Google Update (gupdatem) - c:\program files\google\update\googleupdate.exe
      S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files\microsoft office\office14\groove.exe
      S3 - [MSDTC] - Coordenador de Transacções Distribuídas - c:\windows\system32\msdtc.exe
      S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
      S3 - [ose] - Office  Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
      S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
      S3 - [RpcLocator] - Localizador de 'Chamada de procedimento remoto' (RPC) - c:\windows\system32\locator.exe
      S3 - [SNMPTRAP] - Trap SNMP - c:\windows\system32\snmptrap.exe
      S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe
      S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe
      S3 - [VSS] - Cópia sombra de volume - c:\windows\system32\vssvc.exe
      S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
      S3 - [WMPNetworkSvc] - Serviço de Partilha de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
      S3 - [WPFFontCache_v0400] - Windows Presentation Foundation Font Cache 4.0.0.0 - c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe
      S4 - [Adobe LM Service] - Adobe LM Service - c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
      S4 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
      S4 - [AVGIDSAgent] - AVGIDSAgent - c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe
      S4 - [avgwd] - AVG WatchDog - c:\program files\avg\avg10\avgwdsvc.exe
      S4 - [Bonjour Service] - ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## - c:\program files\bonjour\mdnsresponder.exe
      S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
      S4 - [digiSPTIService] - digiSPTIService - c:\program files\digidesign\pro tools\digisptiservice.exe
      S4 - [gusvc] - Google Updater Service - c:\program files\google\common\google updater\googleupdaterservice.exe
      S4 - [IDriverT] - InstallDriver Table Manager - c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe
      S4 - [Nero BackItUp Scheduler 3] - Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
      S4 - [NMIndexingService] - NMIndexingService - c:\program files\common files\nero\lib\nmindexingservice.exe
      S4 - [PLFlash DeviceIoControl Service] - PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe
      S4 - [PMBDeviceInfoProvider] - PMBDeviceInfoProvider - c:\program files\sony\pmb\pmbdeviceinfoprovider.exe
      S4 - [rpcapd] - Remote Packet Capture Protocol v.0 (experimental) - c:\program files\winpcap\rpcapd.exe
      S4 - [SkypeUpdate] - Skype Updater - c:\program files\skype\updater\updater.exe ==== Drivers(whitelist) ======================
      Powered by E Dev
      ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2090082979-3853575466-3905641514-1000\Software\Microsoft\Windows\CurrentVersion\Run]
      "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Dropbox"="C:\Program Files\Dropbox\Client\Dropbox.exe /systemstartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
      "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Acrobat Assistant 8.0"
      "hkey"="HKLM"
      "command"="\"C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Acrobat Speed Launcher]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Adobe Acrobat Speed Launcher"
      "hkey"="HKLM"
      "command"="\"C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrobat_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Adobe Reader Speed Launcher"
      "hkey"="HKLM"
      "command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ares]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="ares"
      "hkey"="HKCU"
      "command"="\"C:\\Program Files\\Ares\\Ares.exe\" -h" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_TRAY]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="AVG_TRAY"
      "hkey"="HKLM"
      "command"="C:\\Program Files\\AVG\\AVG10\\avgtray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="BCSSync"
      "hkey"="HKLM"
      "command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="CCleaner Monitoring"
      "hkey"="HKCU"
      "command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="DAEMON Tools Lite"
      "hkey"="HKCU"
      "command"="\"C:\\Program Files\\DAEMON Tools Lite\\DTLite.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DigidesignMMERefresh]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="DigidesignMMERefresh"
      "hkey"="HKLM"
      "command"="C:\\Program Files\\Digidesign\\Drivers\\MMERefresh.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Dropbox"
      "hkey"="HKLM"
      "command"="\"C:\\Program Files\\Dropbox\\Client\\Dropbox.exe\" /systemstartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Family Tree Builder Update]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Family Tree Builder Update"
      "hkey"="HKLM"
      "command"="C:\\MyHeritage\\Bin\\FTBCheckUpdates.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="HotKeysCmds"
      "hkey"="HKLM"
      "command"="C:\\Windows\\system32\\hkcmd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="HP Software Update"
      "hkey"="HKLM"
      "command"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="IgfxTray"
      "hkey"="HKLM"
      "command"="C:\\Windows\\system32\\igfxtray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
      "hkey"="HKCU"
      "command"="\"C:\\Program Files\\Common Files\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="NBKeyScan"
      "hkey"="HKLM"
      "command"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Persistence"
      "hkey"="HKLM"
      "command"="C:\\Windows\\system32\\igfxpers.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PMBVolumeWatcher]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="PMBVolumeWatcher"
      "hkey"="HKLM"
      "command"="C:\\Program Files\\Sony\\PMB\\PMBVolumeWatcher.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="RtHDVCpl"
      "hkey"="HKLM"
      "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Sidebar"
      "hkey"="HKCU"
      "command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\snpstd]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="snpstd"
      "hkey"="HKLM"
      "command"="C:\\Windows\\vsnpstd.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="SpybotSD TeaTimer"
      "hkey"="HKCU"
      "command"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="SunJavaUpdateSched"
      "hkey"="HKLM"
      "command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="TkBellExe"
      "hkey"="HKLM"
      "command"="\"C:\\Program Files\\Real\\RealPlayer\\Update\\realsched.exe\" -osboot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="UnlockerAssistant"
      "hkey"="HKLM"
      "command"="C:\\Program Files\\Unlocker\\UnlockerAssistant.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile-based device management]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="Windows Mobile-based device management"
      "hkey"="HKLM"
      "command"="%windir%\\WindowsMobile\\wmdSync.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WPCUMI]
      "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
      "item"="WPCUMI"
      "hkey"="HKLM"
      "command"="C:\\Windows\\system32\\WpcUmi.exe"
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk]
      "path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Gamma.lnk"
      "backup"="C:\\Windows\\pss\\Adobe Gamma.lnk.Startup"
      "backupExtension"=".Startup"
      "command"="C:\\Program Files\\Common Files\\Adobe\\Calibration\\Adobe Gamma Loader.exe "
      "item"="Adobe Gamma" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
      "path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\LimeWire On Startup.lnk"
      "backup"="C:\\Windows\\pss\\LimeWire On Startup.lnk.Startup"
      "backupExtension"=".Startup"
      "command"="C:\\PROGRA~1\\LimeWire\\LimeWire.exe -startup"
      "item"="LimeWire On Startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^setup_9.0.0.722_19.04.2011_10-50.lnk]
      "path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\setup_9.0.0.722_19.04.2011_10-50.lnk"
      "backup"="C:\\Windows\\pss\\setup_9.0.0.722_19.04.2011_10-50.lnk.Startup"
      "backupExtension"=".Startup"
      "command"="C:\\Users\\Jo\\Desktop\\Virus Removal Tool5\\setup_9.0.0.722_19.04.2011_10-50\\startup.exe \"C:\\Users\\Jo\\Desktop\\Virus Removal Tool5\\setup_9.0.0.722_19.04.2011_10-50\\setup_9.0.0.722_19.04.2011_10-50.exe\" -gui -bl"
      "item"="setup_9.0.0.722_19.04.2011_10-50" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^setup_9.0.0.722_21.10.2010_21-19[1].lnk]
      "path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\setup_9.0.0.722_21.10.2010_21-19[1].lnk"
      "backup"="C:\\Windows\\pss\\setup_9.0.0.722_21.10.2010_21-19[1].lnk.Startup"
      "backupExtension"=".Startup"
      "command"="C:\\Users\\Jo\\Desktop\\VIRUSR~1\\SETUP_~1.201\\startup.exe \"C:\\Users\\Jo\\Desktop\\Virus Removal Tool\\setup_9.0.0.722_21.10.2010_21-19[1]\\setup_9.0.0.722_21.10.2010_21-19[1].exe\" -gui -bl"
      "item"="setup_9.0.0.722_21.10.2010_21-19[1]" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^setup_9.0.0.722_22.02.2011_22-19.lnk]
      "path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\setup_9.0.0.722_22.02.2011_22-19.lnk"
      "backup"="C:\\Windows\\pss\\setup_9.0.0.722_22.02.2011_22-19.lnk.Startup"
      "backupExtension"=".Startup"
      "command"="C:\\Users\\Jo\\Desktop\\Virus Removal Tool4\\setup_9.0.0.722_22.02.2011_22-19\\startup.exe \"C:\\Users\\Jo\\Desktop\\Virus Removal Tool4\\setup_9.0.0.722_22.02.2011_22-19\\setup_9.0.0.722_22.02.2011_22-19.exe\" -gui -bl"
      "item"="setup_9.0.0.722_22.02.2011_22-19" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^setup_9.0.0.722_22.10.2010_21-18[1].lnk]
      "path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\setup_9.0.0.722_22.10.2010_21-18[1].lnk"
      "backup"="C:\\Windows\\pss\\setup_9.0.0.722_22.10.2010_21-18[1].lnk.Startup"
      "backupExtension"=".Startup"
      "command"="C:\\Users\\Jo\\Desktop\\Virus Removal Tool1\\setup_9.0.0.722_22.10.2010_21-18[1]\\startup.exe \"C:\\Users\\Jo\\Desktop\\Virus Removal Tool1\\setup_9.0.0.722_22.10.2010_21-18[1]\\setup_9.0.0.722_22.10.2010_21-18[1].exe\" -gui -bl"
      "item"="setup_9.0.0.722_22.10.2010_21-18[1]" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^setup_9.0.0.722_28.06.2011_23-06[1].lnk]
      "path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\setup_9.0.0.722_28.06.2011_23-06[1].lnk"
      "backup"="C:\\Windows\\pss\\setup_9.0.0.722_28.06.2011_23-06[1].lnk.Startup"
      "backupExtension"=".Startup"
      "command"="C:\\Users\\Jo\\Desktop\\Virus Removal Tool6\\setup_9.0.0.722_28.06.2011_23-06[1]\\startup.exe \"C:\\Users\\Jo\\Desktop\\Virus Removal Tool6\\setup_9.0.0.722_28.06.2011_23-06[1]\\setup_9.0.0.722_28.06.2011_23-06[1].exe\" -gui -bl"
      "item"="setup_9.0.0.722_28.06.2011_23-06[1]" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_29002884.lnk]
      "path"="C:\\Users\\Jo\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\_uninst_29002884.lnk"
      "backup"="C:\\Windows\\pss\\_uninst_29002884.lnk.Startup"
      "backupExtension"=".Startup"
      "command"="C:\\Users\\Jo\\AppData\\Local\\Temp\\_uninst_29002884.bat "
      "item"="_uninst_29002884"
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\!SASCORE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Adobe LM Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AVGIDSAgent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avgwd] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\dbupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\dbupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DbxSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DigiRefresh] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\digiSPTIService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMScheduler] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Nero BackItUp Scheduler 3] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NMIndexingService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PLFlash DeviceIoControl Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PMBDeviceInfoProvider] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\rpcapd] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SBSDWSCService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
      ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [02-09-2016 01:24]
      C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files\Dropbox\Update\DropboxUpdate.exe [11-09-2016 04:57]
      C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files\Dropbox\Update\DropboxUpdate.exe [11-09-2016 04:57] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
      "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
      "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
      "C:\Windows\system32\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files\Dropbox\Update\DropboxUpdate.exe]
      "C:\Windows\system32\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files\Dropbox\Update\DropboxUpdate.exe]
      "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
      "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
      "C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 2050 J510 series" ["C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe"]
      "C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-2090082979-3853575466-3905641514-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
      "C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-2090082979-3853575466-3905641514-1000" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
      "C:\Windows\system32\tasks\{6A4EBEAD-DFA1-416F-BC09-4BC55790FBA5}" [C:\Program Files\Skype\\Phone\Skype.exe]
      "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\f9d770kj.default-1482026036891
      user_pref("browser.startup.homepage", "http://www.google.com/"); ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\ll1ltj1q.default-1479758625685
      user_pref("browser.startup.homepage", "www.google.com"); ProfilePath: C:\Users\RUI-JA~1\AppData\Roaming\Mozilla\Firefox\Profiles\ngitt6v2.default
      user_pref("browser.startup.homepage", "www.google.com"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
      "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [21-07-2016 21:40] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\f9d770kj.default-1482026036891
      - Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi ProfilePath: C:\Users\RUI-JA~1\AppData\Roaming\Mozilla\Firefox\Profiles\ngitt6v2.default
      - Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
      - Disable Private Browsing - %ProfilePath%\extensions\{43e98d89-1e1d-a8dc-eb86-b9221fc3ccbb}.xpi
      - CacheViewer - %ProfilePath%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}.xpi AppDir: C:\Program Files\Mozilla Firefox
      - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\64q94qva.default-1466122486611
      6DE7BF0DADC0881F7ED82D9FCC998B89    - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll -    Adobe Acrobat
      510AA818C6033853AAD2571C96487C4A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
      A203B7672EB56D4CA3EAEA795970B05A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
      BB09CC53C23844B3B2A0A39BC30576B6    - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll -    RealPlayer Version Plugin
      E3938E12FFD7FE9518B6185636E3FF06    - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll -    RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
      6E46B7DB2471D0F4BE904488BFC524BB    - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll -    RealJukebox NS Plugin
      AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
      CF46E0E1398B382CE0CE738C67A38DD1    - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -    Windows Live? Photo Gallery
      0DD687A1F6A242131C3DA07D8BF84AE4    - C:\Program Files\Google\Picasa3\npPicasa3.dll -    Picasa
      073B9D80F013E1B10C70C4660859A407    - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -    Google Earth Plugin
      54FC590185D7D00D65E53B9A5990DC14    - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll -    Shockwave Flash Profilepath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\bhzqer7j.default-1466972607339
      A3257C59695BD691B433DFF4B3E36C86    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll -    Silverlight Plug-In
      54FC590185D7D00D65E53B9A5990DC14    - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll -    Shockwave Flash
      0DD687A1F6A242131C3DA07D8BF84AE4    - C:\Program Files\Google\Picasa3\npPicasa3.dll -    Picasa
      073B9D80F013E1B10C70C4660859A407    - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -    Google Earth Plugin
      6E46B7DB2471D0F4BE904488BFC524BB    - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll -    RealJukebox NS Plugin
      A203B7672EB56D4CA3EAEA795970B05A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
      510AA818C6033853AAD2571C96487C4A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
      E3938E12FFD7FE9518B6185636E3FF06    - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll -    RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
      BB09CC53C23844B3B2A0A39BC30576B6    - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll -    RealPlayer Version Plugin
      CF46E0E1398B382CE0CE738C67A38DD1    - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -    Windows Live? Photo Gallery
      AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
      6DE7BF0DADC0881F7ED82D9FCC998B89    - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll -    Adobe Acrobat
      274C5170DF9AFE81421F0728BF301682    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrlui.dll -    Microsoft® Silverlight Profilepath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\f9d770kj.default-1482026036891
      6DE7BF0DADC0881F7ED82D9FCC998B89    - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll -    Adobe Acrobat
      F9D90EEC96E97411869E120E52B1AE0A    - C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll -    Google Update
      510AA818C6033853AAD2571C96487C4A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
      A203B7672EB56D4CA3EAEA795970B05A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
      BB09CC53C23844B3B2A0A39BC30576B6    - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll -    RealPlayer Version Plugin
      E3938E12FFD7FE9518B6185636E3FF06    - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll -    RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
      6E46B7DB2471D0F4BE904488BFC524BB    - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll -    RealJukebox NS Plugin
      AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
      CF46E0E1398B382CE0CE738C67A38DD1    - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -    Windows Live? Photo Gallery
      A3257C59695BD691B433DFF4B3E36C86    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll -    Silverlight Plug-In
      0DD687A1F6A242131C3DA07D8BF84AE4    - C:\Program Files\Google\Picasa3\npPicasa3.dll -    Picasa
      073B9D80F013E1B10C70C4660859A407    - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -    Google Earth Plugin
      54FC590185D7D00D65E53B9A5990DC14    - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll -    Shockwave Flash
      274C5170DF9AFE81421F0728BF301682    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrlui.dll -    Microsoft® Silverlight Profilepath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\ll1ltj1q.default-1479758625685
      6DE7BF0DADC0881F7ED82D9FCC998B89    - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll -    Adobe Acrobat
      510AA818C6033853AAD2571C96487C4A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
      A203B7672EB56D4CA3EAEA795970B05A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
      BB09CC53C23844B3B2A0A39BC30576B6    - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll -    RealPlayer Version Plugin
      E3938E12FFD7FE9518B6185636E3FF06    - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll -    RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
      6E46B7DB2471D0F4BE904488BFC524BB    - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll -    RealJukebox NS Plugin
      AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
      CF46E0E1398B382CE0CE738C67A38DD1    - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -    Windows Live? Photo Gallery
      A3257C59695BD691B433DFF4B3E36C86    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll -    Silverlight Plug-In
      0DD687A1F6A242131C3DA07D8BF84AE4    - C:\Program Files\Google\Picasa3\npPicasa3.dll -    Picasa
      073B9D80F013E1B10C70C4660859A407    - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -    Google Earth Plugin
      54FC590185D7D00D65E53B9A5990DC14    - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll -    Shockwave Flash
      274C5170DF9AFE81421F0728BF301682    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrlui.dll -    Microsoft® Silverlight Profilepath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\rku8suuj.default-1468709539942
      A3257C59695BD691B433DFF4B3E36C86    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll -    Silverlight Plug-In
      54FC590185D7D00D65E53B9A5990DC14    - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll -    Shockwave Flash
      0DD687A1F6A242131C3DA07D8BF84AE4    - C:\Program Files\Google\Picasa3\npPicasa3.dll -    Picasa
      073B9D80F013E1B10C70C4660859A407    - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -    Google Earth Plugin
      6E46B7DB2471D0F4BE904488BFC524BB    - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll -    RealJukebox NS Plugin
      A203B7672EB56D4CA3EAEA795970B05A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
      510AA818C6033853AAD2571C96487C4A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
      E3938E12FFD7FE9518B6185636E3FF06    - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll -    RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
      BB09CC53C23844B3B2A0A39BC30576B6    - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll -    RealPlayer Version Plugin
      CF46E0E1398B382CE0CE738C67A38DD1    - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -    Windows Live? Photo Gallery
      AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
      6DE7BF0DADC0881F7ED82D9FCC998B89    - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll -    Adobe Acrobat
      274C5170DF9AFE81421F0728BF301682    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrlui.dll -    Microsoft® Silverlight Profilepath: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\wgvsj648.default-1468873265639
      6DE7BF0DADC0881F7ED82D9FCC998B89    - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll -    Adobe Acrobat
      510AA818C6033853AAD2571C96487C4A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -    RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)
      A203B7672EB56D4CA3EAEA795970B05A    - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -    RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
      BB09CC53C23844B3B2A0A39BC30576B6    - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll -    RealPlayer Version Plugin
      E3938E12FFD7FE9518B6185636E3FF06    - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll -    RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
      6E46B7DB2471D0F4BE904488BFC524BB    - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll -    RealJukebox NS Plugin
      AB87EEFFD18F2BAAFC274E7075EA6C67    - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -    Windows Presentation Foundation / Windows Presentation Foundation
      CF46E0E1398B382CE0CE738C67A38DD1    - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -    Windows Live? Photo Gallery
      A3257C59695BD691B433DFF4B3E36C86    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll -    Silverlight Plug-In
      0DD687A1F6A242131C3DA07D8BF84AE4    - C:\Program Files\Google\Picasa3\npPicasa3.dll -    Picasa
      073B9D80F013E1B10C70C4660859A407    - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -    Google Earth Plugin
      54FC590185D7D00D65E53B9A5990DC14    - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll -    Shockwave Flash
      274C5170DF9AFE81421F0728BF301682    - C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrlui.dll -    Microsoft® Silverlight
      ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
      jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[04-09-2011 00:14] Google Slides - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
      Google Docs - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
      Google Drive - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
      YouTube - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      Google Sheets - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
      Google Docs Offline - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
      Chrome Web Store Payments - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
      Gmail - Jo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
      Docs - Rui - Janita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
      RealPlayer HTML5Video Downloader Extension - Rui - Janita\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://www.google.pt/"
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
      "Tabs"="res://ieframe.dll/tabswelcome.htm"
      "Original Tabs"="res://ieframe.dll/tabswelcome.htm"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}] not found ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}"
      HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      HKLM\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} - http://search.myheritage.com?orig=ds&q={searchTerms}
      HKCU\SearchScopes "DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"
      HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
      HKCU\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E} - http://search.myheritage.com?orig=ds&q={searchTerms} ==== HijackThis Entries ====================== R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll
      O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
      O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
      O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
      O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ==== EOF on 24-01-2017 at  3:13:43.29 ======================   Farbar Service Scanner Version: 27-01-2016
      Ran by Jo (administrator) on 24-01-2017 at 02:57:27
      Running from "C:\Users\Jo\Downloads"
      Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
      Boot Mode: Network
      **************************************************************** Internet Services:
      ============ Connection Status:
      ==============
      Localhost is accessible.
      LAN connected.
      Google IP is accessible.
      Google.com is accessible.
      Yahoo.com is accessible.
      Windows Firewall:
      ============= Firewall Disabled Policy:
      ==================
      System Restore:
      ============
      SDRSVC Service is not running. Checking service configuration:
      The start type of SDRSVC service is OK.
      The ImagePath of SDRSVC service is OK.
      The ServiceDll of SDRSVC service is OK. VSS Service is not running. Checking service configuration:
      The start type of VSS service is OK.
      The ImagePath of VSS service is OK.
      System Restore Policy:
      ========================
      Security Center:
      ============ wscsvc Service is not running. Checking service configuration:
      The start type of wscsvc service is OK.
      The ImagePath of wscsvc service is OK.
      The ServiceDll of wscsvc service is OK.
      Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.
      Windows Update:
      ============
      wuauserv Service is not running. Checking service configuration:
      The start type of wuauserv service is OK.
      The ImagePath of wuauserv service is OK.
      The ServiceDll of wuauserv service is OK. BITS Service is not running. Checking service configuration:
      The start type of BITS service is set to Demand. The default start type is Auto.
      The ImagePath of BITS service is OK.
      The ServiceDll of BITS service is OK.
      Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist. EventSystem Service is not running. Checking service configuration:
      The start type of EventSystem service is OK.
      The ImagePath of EventSystem service is OK.
      The ServiceDll of EventSystem service is OK.
      Windows Autoupdate Disabled Policy:
      ============================
      Windows Defender:
      ==============
      WinDefend Service is not running. Checking service configuration:
      The start type of WinDefend service is set to Demand. The default start type is Auto.
      The ImagePath of WinDefend service is OK.
      The ServiceDll of WinDefend service is OK.
      Windows Defender Disabled Policy:
      ==========================
      Other Services:
      ==============
      File Check:
      ========
      C:\Windows\system32\nsisvc.dll => File is digitally signed
      C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
      C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
      C:\Windows\system32\Drivers\afd.sys => File is digitally signed
      C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
      C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
      C:\Windows\system32\dnsrslvr.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\system32\mpssvc.dll => File is digitally signed
      C:\Windows\system32\bfe.dll => File is digitally signed
      C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
      C:\Windows\system32\SDRSVC.dll => File is digitally signed
      C:\Windows\system32\vssvc.exe => File is digitally signed
      C:\Windows\system32\wscsvc.dll => File is digitally signed
      C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
      C:\Windows\system32\wuaueng.dll => File is digitally signed
      C:\Windows\system32\qmgr.dll => File is digitally signed
      C:\Windows\system32\es.dll => File is digitally signed
      C:\Windows\system32\cryptsvc.dll => File is digitally signed
      C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      **** End of log ****   MBRScan v1.1.1 OS             : Windows Vista Service Pack 2 (32 bit) PROCESSOR      : x86 Family 6 Model 15 Stepping 11, GenuineIntel BOOT           : Safe Boot with network DATE           : 2017/01/24 (ISO 8601) at 03:06:49 ________________________________________________________________________________ DISK           : Device\Harddisk0\DR0 __WDC WD5000AAKS-00YGA0 (12.01C02) BUS_TYPE       : (0x03)  P-ATA USE_PIO        : NO MAX_TRANSFER   : 128 Kb ALIGNMENT_MASK : word aligned ________________________________________________________________________________ Device\Harddisk0\DR0    465.8 Go  [Fixed] ==> Vista MBR Code MBR_MD5   : 6E28B82AD94C9FA36131922336A78B2A MBR_SHA1  : 03B7C32FE9B0545C7D635CAAB29BF46552B3E36F Device\Harddisk0\Partition1    166.9 Go      0x07 NTFS / HPFS __ BOOTABLE __ Device\Harddisk0\Partition2    298.8 Go      0x07 NTFS / HPFS ________________________________________________________________________________ ############################### Additional scan ################################ DRIVER  : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk ADDRESS : 0x8DAD3000 SIZE    : 44.0 Ko DRIVER  : C:\Windows\System32\Drivers\dump_atapi.sys => Invisible on the disk ADDRESS : 0x8DADE000 SIZE    : 32.0 Ko BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020) SystemStartOptions : /NOEXECUTE=OPTIN /SAFEBOOT:NETWORK /SOS /BOOTLOG /NOGUIBOOT /BOOTLOGO ________________________________________________________________________________ _______MBR   \Device\Harddisk0\DR0   0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.м.|.À.ؾ.|¿. 0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹.. 0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 10 01 83 C5 10   ½¾..~..|......Å. 0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF.. 0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu. 0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t 0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h. 0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ. 0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V. 0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1E FE   .v..N..n.Í.fas.þ 0x000000A0   4E 11 0F 85 0C 00 80 7E 00 80 0F 84 8A 00 B2 80   N......~......². 0x000000B0   EB 82 55 32 E4 8A 56 00 CD 13 5D EB 9C 81 3E FE   ë.U2ä.V.Í.]ë..>þ 0x000000C0   7D 55 AA 75 6E FF 76 00 E8 8A 00 0F 85 15 00 B0   }Uªun.v.è......° 0x000000D0   D1 E6 64 E8 7F 00 B0 DF E6 60 E8 78 00 B0 FF E6   Ñædè..°ßæ`èx.°.æ 0x000000E0   64 E8 71 00 B8 00 BB CD 1A 66 23 C0 75 3B 66 81   dèq.¸.»Í.f#Àu;f. 0x000000F0   FB 54 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07   ûTCPAu2.ù..r,fh. 0x00000100   BB 00 00 66 68 00 02 00 00 66 68 08 00 00 00 66   »..fh....fh....f 0x00000110   53 66 53 66 55 66 68 00 00 00 00 66 68 00 7C 00   SfSfUfh....fh.|. 0x00000120   00 66 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00   .fah...Í.Z2öê.|. 0x00000130   00 CD 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07   .Í..·.ë..¶.ë..µ. 0x00000140   32 E4 05 00 07 8B F0 AC 3C 00 74 FC BB 07 00 B4   2ä....ð¬<.tü»..´ 0x00000150   0E CD 10 EB F2 2B C9 E4 64 EB 00 24 02 E0 F8 24   .Í.ëò+Éädë.$.àø$ 0x00000160   02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 74   .ÃInvalid partit 0x00000170   69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 20   ion table.Error 0x00000180   6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E   loading operatin 0x00000190   67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E 67   g system.Missing 0x000001A0   20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 65    operating syste 0x000001B0   6D 00 00 00 00 62 7A 99 0D 43 C2 88 00 00 80 20   m....bz..CÂ.... 0x000001C0   21 00 07 FE FF FF 00 08 00 00 00 D0 DD 14 00 FE   !..þ.......ÐÝ..þ 0x000001D0   FF FF 07 FE FF FF 00 D8 DD 14 00 78 5A 25 00 00   ...þ...ØÝ..xZ%.. 0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................ 0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª
    • Mais uma vez, obrigado, Elias. Fechando o tópico.
    • Olá a todos recentemente meu computador se tornou incapaz de receber a conexão de internet vinda do meu celular, ja testei com outros e mesmo assim o problema continua, quando tento dar ip config renew ele me diz o seguinte "Erro ao liberar interface Loopback Pseudo-Interface 1: O sistema não pode encontrar o arquivo especificado.   O que posso fazer ?
    • Olá, boa noite. Meu computador, esta travando todos os programas, photoshop, corel e outros, ele desliga sozinho, não consigo passar o antivirus avast e nem abrir o provedor do google. está muito lento e não consigo abrir nenhuma pasta de documentos. Acho que é isso. Obrigada pela atenção Fabiana
    • Ao rodar o HijackThis, apareceram duas mensagens de erro, mas o log foi salvo. Grato. Malwarebytes: Malwarebytes
      www.malwarebytes.com -Detalhes de registro-
      Data da análise: 23/01/17
      Hora da análise: 21:31
      Arquivo de registro: 
      Administrador: Sim -Informação do software-
      Versão: 3.0.5.1299
      Versão de componentes: 1.0.43
      Versão do pacote de definições: 1.0.1084
      Licença: Versão de avaliação -Informação do sistema-
      Sistema operacional: Windows 10
      CPU: x64
      Sistema de arquivos: NTFS
      Usuário: FABRICIO-PC\Fabr\u00c3\u00adcio -Resumo da análise-
      Tipo de análise: Análise de Ameaças
      Resultado: Concluído
      Objetos verificados: 612563
      Tempo decorrido: 28 min, 3 seg -Opções da análise-
      Memória: Habilitado
      Inicialização: Habilitado
      Sistema de arquivos: Habilitado
      Arquivos compactados: Habilitado
      Rootkits: Habilitado
      Heurística: Habilitado
      PUP: Habilitado
      PUM: Habilitado -Detalhes da análise-
      Processo: 0
      (Nenhum item malicioso detectado) Módulo: 0
      (Nenhum item malicioso detectado) Chave de registro: 1
      PUP.Optional.Conduit, HKLM\SOFTWARE\DIVX\INSTALL\SETUP\WIZARDLAYOUT\ConduitToolbar, Nenhuma ação do usuário, [716], [183615],1.0.1084 Valor de registro: 0
      (Nenhum item malicioso detectado) Fluxo de dados: 0
      (Nenhum item malicioso detectado) Pasta: 0
      (Nenhum item malicioso detectado) Arquivo: 1
      PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, Nenhuma ação do usuário, [321], [336802],1.0.1084 Setor físico: 0
      (Nenhum item malicioso detectado)
      (end)   HijackThis: Logfile of HijackThis v1.99.1
      Scan saved at 22:21:53, on 23/01/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0000) Running processes:
      C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      C:\Program Files\AVAST Software\Avast\avastui.exe
      C:\WINDOWS\SysWOW64\ctfmon.exe
      C:\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.br/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE11PTBR/MCM_WCP
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: (no name) - {451C804F-C205-4F03-B48E-537EC94937BF} - (no file)
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
      O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe
      O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
      O4 - HKCU\..\Run: [Google Update] C:\Users\Fabrício\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Fabrício\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabrício\AppData\Local\Microsoft\OneDrive\17.3.6386.0412_1\amd64"
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Fabrício\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fabrício\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
      O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
      O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
      O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
      O10 - Unknown file in Winsock LSP: c:\program files (x86)\bonjour\mdnsnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O11 - Options group: [INTERNATIONAL] International
      O13 - Gopher Prefix: 
      O15 - Trusted Zone: www.bancobrasil.com.br
      O15 - Trusted Zone: www14.bancobrasil.com.br
      O15 - Trusted Zone: www2.bancobrasil.com.br
      O15 - Trusted Zone: aapj.bb.com.br
      O15 - Trusted Zone: seg.bb.com.br
      O15 - Trusted Zone: www.bb.com.br
      O15 - Trusted Zone: http://www.bb.com.br
      O15 - Trusted Zone: http://download.cnet.com
      O15 - Trusted Zone: cloud.gastecnologia.com.br
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: skype4com - (no CLSID) - (no file)
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
      O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      O20 - AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvsmi.inf_amd64_a21c8f6c576d9a7c\nvinit.dll
      O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
      O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Serviço Clique para Executar do Microsoft Office (ClickToRunSvc) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service (file missing)
      O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
      O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
      O23 - Service: SCP DS3 Service (Ds3Service) - Scarlet.Crush Productions - C:\Program Files\Scarlet.Crush Productions\ScpService.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
      O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
      O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (file missing)
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
      O23 - Service: isesrv - Unknown owner - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe" -service (file missing)
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
      O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
      O23 - Service: @%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195 (NetMsmqActivator) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator (file missing)
      O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
      O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem (file missing)
      O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService (file missing)
      O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - Unknown owner - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem (file missing)
      O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
      O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Unknown owner - C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService (file missing)
      O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
      O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
      O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
      O23 - Service: vToolbarUpdater15.2.0 - AVG Secure Search - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
      O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30014 (w3logsvc) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
      O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - %windir%\system32\svchost.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - %ProgramFiles%\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - %ProgramFiles%\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)  
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VIAKaraokeService Quero saber se o VIA Karaoke é um Cavalo de Troia ou outro tipo de virus?Esta no meu PC e pelo que li pode  ser ou não.
    • Baixe o Malwarebytes' Anti-Malware (MBAM). Dê um duplo-clique no mbam-setup.exe para instalar o programa. Desmarque a caixa Ativar trial gratuito do MalwareBytes Anti-Malware PRO. A que deve estar marcada é a caixa Executar Malwarebytes Anti-Malware. Clique então, em Concluir. Se houver atualizações a serem feitas, serão baixadas e instaladas. Ao final da atualização, caso o programa tenha sido instalado em Inglês, com o programa aberto, clique em Settings e no campo Language mude para Portuguese (Brasil). Em Configurações e depois em Detecção e proteção. Em Opções de detecção, marque Procurar rootkits e Verificar nos arquivos. Em Proteção contra non-malware, nas opções Detecções PUP (programas potencialmente indesejados) e Detecções PUM (modificações potencialmente indesejadas), selecione Tratar detecções como malware. Depois clique em Painel e no botão Verificar. Começará então o exame. Aguarde, pois pode demorar. Ao acabar o exame, se houver ítens encontrados, clique em Salvar resultados. Escolha Arquivo de texto (*.txt) para salvar o log. NÃO USE O FORMATO ARQUIVO .XML PARA SALVAR O LOG. Depois de ter feito isso, clique agora no botão Remover selecionados. Ao final da desinfecção, poderá aparecer um aviso se quer reiniciar o PC. (Ver Nota abaixo). Selecione, copie e cole todo o conteúdo do log que salvou, na sua próxima resposta, juntamente com um novo log do HijackThis.
      NOTA: Se o MBAM encontrar arquivos que não consiga remover, poderá ter de reiniciar o PC (talvez mais de uma vez). Faça isso imediatamente, ao ser perguntado se quer reiniciar o PC.  
    • Elias, devo remover os threats selecionados? O roguekiller.txt está na área de trabalho, mas já tentei várias vezes selecionar o texto, copiar e o resultado da colagem é sempre o link abaixo: http://www.adlice.com/contact/ Posso te mandar o arquivo inteiro "fechado"?
  • Aniversariantes de Hoje

    1. alexandreramos
      alexandreramos
      (%s anos)
    2. anjiver
      anjiver
      (%s anos)
    3. BUSMÃO
      BUSMÃO
      (%s anos)
    4. CLMA2401
      CLMA2401
      (%s anos)
    5. davph
      davph
      (%s anos)
    View all
  • Próximos Eventos

    Nenhum evento futuro encontrado