lcsmarsom

Problems with pages opening


I'm using Chrome and, out of nowhere, if I leave it for about 2 or 3 minutes without touching it, when I click to go to another page a sales page opens, something called shoppingdeals, and also these tabs. I'd like to know how to remove it.

 

Image of the problem

http://postimg.org/image/4m8uj3i2z/full/

ZA-Scan.txt

Edited by lcsmarsom


Hello @lcsmarsom

 

Please note the following:
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here applies only to your computer's problem, so do not use it on any other;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Always keep me informed, during the removal, about what is happening with your computer.
  • Follow the order of the instructions given.
  • Note: Do not take any action other than those given here; and if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

 

1)
 
Download Farbar Service Scanner and save it to your Desktop

  • Check the boxes:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Click Scan
  • A log (FSS.txt) will be created on the Desktop
  • Attach the log to your next reply.

2)

Download MbrScan.exe by Eric_71 and save it to the desktop.

Double-click to run the tool. Click the Scan button. When the scan finishes, click the Report button. Notepad will open with the scan result. It is saved on the desktop as MbrScan.log.

Select, copy and paste its contents into your next reply.

 

3)

 

Download Malwarebytes Anti-Rootkit (MBAR)

Extract the files to your desktop

  • Open the mbar folder and run mbar.exe
  • Click the Next button, then Update,
  • Click Next again, and then Scan.
  • At the end, do NOT click Cleanup; simply exit the program.
  • Attach the logs mbar-log.txt and system-log.txt, located in the mbar folder

MBRScan v1.1.1
OS             : Windows 7  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
BOOT           : Normal Boot
DATE           : 2015/09/20 (ISO 8601) at 17:28:32
________________________________________________________________________________
DISK           : Device\Harddisk0\DR0 __WDC WD10EZEX-00RKKA0 (80.00A80)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________
Device\Harddisk0\DR0 931.5 Go  [Fixed] ==> 7 MBR Code
MBR_MD5   : 30EA00599088E4EAEE3AA393A39895CE
MBR_SHA1  : 03F98FE458EDF60ACC26D974E122F2FE07DCC789
Device\Harddisk0\Partition1 100.0 Mo   0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 638.4 Go   0x07 NTFS / HPFS
Device\Harddisk0\Partition3 293.0 Go   0x07 NTFS / HPFS
________________________________________________________________________________

Thanks for replying =D

FSS.txt

mbar-log-2015-09-20 (17-31-16).txt

system-log.txt


Ok,

 

1)
 
Download AdwCleaner and save it to your desktop
https://toolslib.net...d/1-adwcleaner/

Run the file adwcleaner.exe

*** Windows Vista or Windows 7 users: right-click the file adwcleaner.exe, then click [image: execadmin.png].

Click the Options tab and leave only "Reset IE Policies" (Redefinir Políticas do IE) and "Reset Chrome Policies" (Redefinir Políticas do Chrome) checked

Click the Scan (Verificar) button and wait for the scan to finish.

Click the Clean (Limpar) button.

Notepad will open with the result. Select, copy and paste its contents into your next reply.

The log will also be saved in C:\AdwCleaner

NOTE: If AdwCleaner finds files it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart the PC.
 
2)

 

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download [image: 1268r49.png] and save it to your desktop. Double-click to run the Junkware Removal Tool (JRT).

* On Windows Vista and Windows 7:

Right-click JRT.exe and select [image: run_as_adm1.png]

The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to examine.

At the end, a log will open. It is saved on the desktop as JRT.txt.

Select, copy and paste the contents of this log into your next reply.

# AdwCleaner v5.008 - Relatório criado 25/09/2015 às 20:30:33

# Atualizado 18/09/2015 por Xplode

# Banco de dados : 2015-09-23.1 [servidor]

# Sistema operacional : Windows 7 Ultimate  (x64)

# Usuário : seven - SEVEN-PC

# Executando de : C:\Users\seven\Desktop\adwcleaner_5.008.exe

# Opção : Limpar


 

***** [ Serviços ] *****

 

 

***** [ Pastas ] *****

 

[#] Pasta Excluído : C:\Users\seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk

 

***** [ Arquivos ] *****

 

[-] Arquivo Excluído : C:\Users\seven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp

[-] Arquivo Excluído : C:\Users\seven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jcgcoifbkbphhjnekfkmohklfaimhikk_0.localstorage

[-] Arquivo Excluído : C:\Users\seven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jcgcoifbkbphhjnekfkmohklfaimhikk_0.localstorage-journal

[-] Arquivo Excluído : C:\Windows\Sysnative\WinDivert64.sys

 

***** [ Atalhos ] *****

 

 

***** [ Tarefas agendadas ] *****

 

 

***** [ Registro ] *****

 

[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}

[-] Chave Excluída : HKU\.DEFAULT\Software\{b52a04f2-e793-40f1-a041-3ddbe1b31408}

[-] Chave Excluída : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

[-] Chave Excluída : HKCU\Software\WEBAPP

[-] Chave Excluída : HKCU\Software\{b52a04f2-e793-40f1-a041-3ddbe1b31408}

[-] Chave Excluída : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

[-] Chave Excluída : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider

[!] Chave Não Excluída : [x64] HKCU\Software\WEBAPP

[!] Chave Não Excluída : [x64] HKCU\Software\{b52a04f2-e793-40f1-a041-3ddbe1b31408}

 

***** [ Navegadores ] *****

 

[-] [C:\Users\seven\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Excluído : jcgcoifbkbphhjnekfkmohklfaimhikk

 

*************************

 

:: Políticas do Chrome excluídas

 

*************************

 

C:\AdwCleaner[s3].txt - [300 bytes] - [09/09/2015 22:55:44]

C:\AdwCleaner[s4].txt - [300 bytes] - [09/09/2015 22:56:02]

 

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2262 bytes] ##########

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 7.6.3 (09.21.2015:1)

OS: Windows 7 Ultimate x64

Ran by seven on 25/09/2015 at 20:35:35,72

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Tasks

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Chrome

 

 

[C:\Users\seven\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

 

[C:\Users\seven\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

 

[C:\Users\seven\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

 

[C:\Users\seven\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

[]

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 25/09/2015 at 20:38:03,75

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

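When reviewing an AdwCleaner report like the one posted above, the first thing to check is which entries the tool reports as not removed, and whether the same path was removed under another registry view. The Python sketch below is an added example, not part of the thread and not AdwCleaner's own code; it assumes the section and entry layout seen in this report, and the function names and the final constructed line are hypothetical.

```python
import re
from typing import NamedTuple

# Layout assumed from the report in this thread:
#   ***** [ Section ] *****
#   [marker] <label> : <target>
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
ENTRY_RE = re.compile(r"^\[([#!-])\]\s+(.+?)\s+:\s+(.+)$")
NOT_REMOVED_RE = re.compile(r"\bN[ãa]o\s+Exclu", re.IGNORECASE)  # "Não Excluída/o"
VIEW_RE = re.compile(r"^\[(x\d+)\]\s+")  # e.g. "[x64] " registry view tag

# Excerpt of the report posted in this thread.
PAGE_EXCERPT = r"""
***** [ Arquivos ] *****

[-] Arquivo Excluído : C:\Windows\Sysnative\WinDivert64.sys

***** [ Registro ] *****

[-] Chave Excluída : HKCU\Software\WEBAPP
[-] Chave Excluída : HKCU\Software\{b52a04f2-e793-40f1-a041-3ddbe1b31408}
[-] Chave Excluída : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[!] Chave Não Excluída : [x64] HKCU\Software\WEBAPP
[!] Chave Não Excluída : [x64] HKCU\Software\{b52a04f2-e793-40f1-a041-3ddbe1b31408}

***** [ Navegadores ] *****

[-] [C:\Users\seven\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Excluído : jcgcoifbkbphhjnekfkmohklfaimhikk
"""

# Constructed line (not from the thread): a leftover with no matching removal.
CONSTRUCTED = (
    "\n***** [ Registro ] *****\n"
    "[!] Chave Não Excluída : HKLM\\SOFTWARE\\ConstructedExampleKey\n"
)

SAMPLE = PAGE_EXCERPT + CONSTRUCTED


class Entry(NamedTuple):
    section: str   # report section, e.g. "Registro"
    label: str     # text before " : ", e.g. "Chave Não Excluída"
    view: str      # registry view tag ("x64") or "default" when untagged
    target: str    # path, key or extension id
    removed: bool  # False when the label says "Não Excluíd..."


def parse_report(text):
    """Return every action entry in the report, tagged with its section."""
    entries, section = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header, separator, or blank line
        _marker, label, target = m.groups()
        view = "default"
        vm = VIEW_RE.match(target)
        if vm:
            view, target = vm.group(1), target[vm.end():]
        removed = not NOT_REMOVED_RE.search(label)
        entries.append(Entry(section, label, view, target, removed))
    return entries


def leftovers(entries):
    """Pair each not-removed entry with a flag: was the same target
    (case-insensitive) reported removed elsewhere in the report?"""
    removed = {e.target.lower() for e in entries if e.removed}
    return [(e, e.target.lower() in removed) for e in entries if not e.removed]


if __name__ == "__main__":
    for entry, dup in leftovers(parse_report(SAMPLE)):
        note = "also reported removed in another view" if dup else "re-check by hand"
        print(f"[{entry.section}] ({entry.view}) {entry.target}: {note}")
```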
 

ZA-Scan V1.0.0.4 Updated 27-09-2015

Tool run by seven on 27/09/2015 at 11:08:02,76.

Microsoft Windows 7 Ultimate  6.1.7600  x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\seven\Desktop\ZA-Scan.exe [Z-Analyse Scan]

 

==== Running Processes ======================

 

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe

C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe

C:\PROGRA~2\GbPlugin\GbpSv.exe

C:\Users\seven\AppData\Local\Crsoft\crsvc.exe

C:\Users\seven\AppData\Roaming\DNSHelper\DNSSVC.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Users\seven\AppData\Roaming\NetService\netservice.exe

C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

C:\Program Files (x86)\Popcorn Time\Updater.exe

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Users\seven\AppData\Roaming\Spotify\SpotifyWebHelper.exe

C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe

C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe

C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe

C:\Users\seven\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\seven\Desktop\ZA-Scan.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Users\seven\AppData\Local\Temp\ZAScan.exe

 

==== Services(whitelist) ======================

Powered by E Dev

 

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe

R2 - [AnviCsbSvc] - Anvi Cloud System Booster Speed Service - c:\program files (x86)\anvisoft\cloud system booster\csbsvc.exe

R2 - [ASD2Svc] - Anvi Smart Defender 2 Service - c:\program files (x86)\anvisoft\anvi smart defender\asd2srv.exe

R2 - [Crashhd] - Windows Crash Handler - c:\users\seven\appdata\local\crsoft\crsvc.exe

R2 - [DNSSVC] - DNS Helper - c:\users\seven\appdata\roaming\dnshelper\dnssvc.exe

R2 - [GbpSv] - Gbp Service - c:\progra~2\gbplugin\gbpsv.exe

R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe

R2 - [intel® Capability Licensing Service Interface] - Intel® Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe

R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe

R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe

R2 - [Nero BackItUp Scheduler 3] - Nero BackItUp Scheduler 3 - c:\program files (x86)\nero\nero8\nero backitup\nbservice.exe

R2 - [NetTcpHandler] - Net.Tcp Service Handler - c:\users\seven\appdata\roaming\netservice\netservice.exe

R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe

R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamservice.exe

R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe

R2 - [PLFlash DeviceIoControl Service] - PLFlash DeviceIoControl Service - c:\windows\syswow64\ioctlsvc.exe

R2 - [Razer Game Scanner Service] - Razer Game Scanner - c:\program files (x86)\razer\razer services\gss\gamescannerservice.exe

R2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe

R2 - [stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe

R2 - [uNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe

R2 - [update service] - Update service - c:\program files (x86)\popcorn time\updater.exe

R2 - [Warsaw Technology] - Warsaw Technology - c:\program files\diebold\warsaw\core.exe

R2 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe

R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe

R3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe

S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe

S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe

S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe

S2 - [KMService] - KMService - c:\windows\system32\srvany.exe [x]

S2 - [skypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe

S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe

S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe

S3 - [aspnet_state] - ASP.NET State Service - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe

S3 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe

S3 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe

S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe

S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe

S3 - [EasyAntiCheat] - EasyAntiCheat - c:\windows\system32\easyanticheat.exe [x]

S3 - [ehRecvr] - Serviço Receptor do Windows Media Center - c:\windows\ehome\ehrecvr.exe

S3 - [ehSched] - Serviço Agendador do Windows Media Center - c:\windows\ehome\ehsched.exe

S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe

S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe

S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe

S3 - [iDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe

S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files (x86)\microsoft office\office14\groove.exe

S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe

S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe

S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe

S3 - [NMIndexingService] - NMIndexingService - c:\program files (x86)\common files\nero\lib\nmindexingservice.exe

S3 - [Origin Client Service] - Origin Client Service - c:\program files (x86)\origin\originclientservice.exe

S3 - [ose] - Office  Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe

S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe

S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe

S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe

S3 - [sNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe

S3 - [steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe

S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe

S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe

S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe

S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe

 

==== Drivers(whitelist) ======================

Powered by E Dev

 

R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys

R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys

R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys

R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys

R3 - [srv] - Driver SMB 1.xxx do Servidor - C:\Windows\system32\Drivers\srv.sys

R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\Windows\system32\Drivers\srv2.sys

R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys

R0 - [amdxata] - amdxata - C:\Windows\system32\Drivers\amdxata.sys

R0 - [atapi] - Canal de IDE - C:\Windows\system32\Drivers\atapi.sys

R0 - [CLFS] - Log Comum (CLFS) - C:\Windows\system32\Drivers\CLFS.sys [x]

R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys

R0 - [Disk] - Driver de disco - C:\Windows\system32\Drivers\Disk.sys

R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\Windows\system32\Drivers\fvevol.sys

R0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys

R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys

R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys

R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\Windows\system32\Drivers\mountmgr.sys

R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys

R0 - [NDIS] - Driver do Sistema NDIS - C:\Windows\system32\Drivers\NDIS.sys

R0 - [partmgr] - Gerenciador de Partições - C:\Windows\system32\Drivers\partmgr.sys

R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys

R0 - [pciide] - pciide - C:\Windows\system32\Drivers\pciide.sys

R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys

R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys

R0 - [spldr] - Security Processor Loader Driver - C:\Windows\system32\Drivers\spldr.sys

R0 - [storflt] - Driver de Filtro de Aceleração do Barramento da Máquina Virtual do Disco - C:\Windows\system32\Drivers\storflt.sys [x]

R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\Windows\system32\Drivers\Tcpip.sys

R0 - [vdrvroot] - Driver de enumerador da unidade virtual Microsoft - C:\Windows\system32\Drivers\vdrvroot.sys

R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys

R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\Windows\system32\Drivers\volmgrx.sys

R0 - [volsnap] - Volumes de armazenamento - C:\Windows\system32\Drivers\volsnap.sys

R0 - [Wdf01000] - Wdf01000 - C:\Windows\system32\Drivers\Wdf01000.sys

R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys

R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys

R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\Windows\system32\Drivers\tdx.sys

R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-21-1422293673-3347950008-3499644051-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

"Spotify Web Helper"="C:\Users\seven\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

"Spotify"="C:\Users\seven\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

"Kraken0502Launcher"="C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe /start"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

"Spotify Web Helper"="C:\Users\seven\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

"Spotify"="C:\Users\seven\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

"Diebold - Warsaw"="C:\Program Files\Diebold\Warsaw\core.exe"

 

==== Startup Registry Disabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BCSSync"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CCleaner Monitoring"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarenaPlus]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GarenaPlus"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Garena Plus\\GarenaMessenger.exe\" -autolaunch"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HDAudDeck"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HotKeysCmds"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\hkcmd.exe"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IgfxTray"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\igfxtray.exe"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Common Files\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NBKeyScan"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvBackend"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe\""

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Persistence"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\igfxpers.exe"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ShadowPlay"

"hkey"="HKLM"

"command"="C:\\Windows\\system32\\rundll32.exe C:\\Windows\\system32\\nvspcap64.dll,ShadowPlayOnSystemStart"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spotify Web Helper"

"hkey"="HKCU"

"command"="\"C:\\Users\\seven\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\""

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB Gamepad]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="USB Gamepad"

"hkey"="HKLM"

"command"="C:\\Windows\\USB Vibration\\7906\\USB Gamepad.exe -boot"

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^seven^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Uniblue SpeedUpMyPC 2015 V 6.0.8.0 Serial Key is Here ! [Latest].lnk]

"path"="C:\\Users\\seven\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Uniblue SpeedUpMyPC 2015 V 6.0.8.0 Serial Key is Here ! [Latest].lnk"

"backup"="C:\\Windows\\pss\\Uniblue SpeedUpMyPC 2015 V 6.0.8.0 Serial Key is Here ! [Latest].lnk.Startup"

"backupExtension"=".Startup"

"command"="C:\\PROGRA~3\\{CE062~1\\UNIBLU~1.EXE --startup=1"

"item"="Uniblue SpeedUpMyPC 2015 V 6.0.8.0 Serial Key is Here ! [Latest]"

 

 

==== Task Scheduler Jobs ======================

 

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/09/2015 13:38]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1422293673-3347950008-3499644051-1000Core.job --a------ [undetermined Task]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1422293673-3347950008-3499644051-1000UA.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/02/2015 21:51]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/02/2015 21:51]

 

==== Other Scheduled Tasks ======================

 

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\avastBCLRestart_chrome.exe" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1422293673-3347950008-3499644051-1000Core" [C:\Users\seven\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1422293673-3347950008-3499644051-1000UA" [C:\Users\seven\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

 

==== Firefox Start and Search pages ======================

 

ProfilePath: C:\Users\seven\AppData\Roaming\Mozilla\Firefox\Profiles\z6slmhq5.default-1428193219019

user_pref("browser.startup.homepage", "www.123rede.com?oem=mbtkv6&uid=WD-WCC1S3789858_WDCWD10EZEX-00RKKA0&tm=1436458824");

user_pref("browser.newtab.url", "www.123rede.com?oem=mbtkv6&uid=WD-WCC1S3789858_WDCWD10EZEX-00RKKA0&tm=1436458824");

 

==== Firefox Extensions ======================

 

ProfilePath: C:\Users\seven\AppData\Roaming\Mozilla\Firefox\Profiles\z6slmhq5.default-1428193219019

- Undetermined - C:\Program Files\AVAST Software\Avast\WebRep\FF

 

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- AnviAdblock - %AppDir%\browser\extensions\AnviAdblock@anvisoft.com.xpi

 

==== Firefox Plugins ======================

 

Profilepath: C:\Users\seven\AppData\Roaming\Mozilla\Firefox\Profiles\z6slmhq5.default-1428193219019

CA6755C23F8E96E1A237FFB6E1D08B76 - C:\Users\seven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

3CD19649B2C3023D65E67C056457A2BC - C:\Users\seven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

DCB0BCEF594E2C410793C4A823C318F3 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll - Shockwave for Director / Shockwave for Director

575DA7CF3B98F5709FF6A05B1B36070D - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll - AdblockPlugin

 

 

==== Fake Chromium Profiles Check ======================

 

Fake profile C:\Users\Administrador\AppData\Local\Google\Chrome Found

Fake profile C:\Users\Administrador\AppData\Local\Google\Chrome SxS Found

Fake profile C:\Users\Administrador\AppData\Local\Comodo\Dragon Found

Fake profile C:\Users\Convidado\AppData\Local\Google\Chrome Found

Fake profile C:\Users\Convidado\AppData\Local\Google\Chrome SxS Found

Fake profile C:\Users\Convidado\AppData\Local\Comodo\Dragon Found

Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome Found

Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS Found

Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon Found

Fake profile C:\Users\seven\AppData\Local\Google\Chrome SxS Found

Fake profile C:\Users\seven\AppData\Local\Comodo\Dragon Found

 

==== Chromium Look ======================

 

Google Chrome Version: 45.0.2454.101

 

 

Google Slides - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Google Docs - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

selector is not a valid CSS selector - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Sheets - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Google Docs Offline - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi

EasyCalendar - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk

Chrome Hotword Shared Module - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg

Google Wallet - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - seven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== IE Start and Search Settings ======================

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.google.com"

"Search Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://www.google.com"

"Search Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

 

==== HijackThis Entries ======================

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv6&uid=WD-WCC1S3789858_WDCWD10EZEX-00RKKA0&tm=1436458824

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.123rede.com?oem=mbtkv6&uid=WD-WCC1S3789858_WDCWD10EZEX-00RKKA0&tm=1436458824

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll

O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll

 

==== EOF on 27/09/2015 at 11:08:52,22 ======================


OK,

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download the attachment from this post and save it in the same location as ZA-Scan.

Double-click ZA-Scan.exe.

When it finishes, a log will open.

Attach it to your next reply.

zascript.txt


@lcsmarsom

Sorry for the delay, I had a problem with my internet connection. :(

Temporarily disable your antivirus.

  • Hold down the Ctrl key and click this link to open ESET Online Scanner in a new window.
  • Click this button: j9Byf.png?1
  • For alternative browsers (if you use Internet Explorer, skip this step):
    • Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double-click the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Check: "Enable detection of potentially unwanted applications"
  • Click Hide Advanced settings and check the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Change and also check the Computer box.
  • Click Start.
  • It will update itself and scan the computer. Be patient, the process can take hours.
  • When the scan finishes, click List of found threats.
  • Click Export to text file and save the log to your desktop.
  • Click Back.
  • Click Finish.
  • Attach the contents of the log.

Also post a new ZA-Scan log.

Edited by CarlosTurco
Duplicate post


OK,

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download the Farbar Recovery Scan Tool and save it to your desktop.
32-bit (x86) or 64-bit (x64)

Double-click to run the tool. Check the 90 Days Files box and click the Scan button.

Wait, and when it finishes the logs FRST.txt and Addition.txt will be saved to your desktop.

Attach the logs to your next reply.


@lcsmarsom

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download the attachment from this post and save it to your desktop.

Run FRST64.exe and click the Fix button.

Wait, and when it finishes the log Fixlog.txt will be saved to your desktop.

Attach the log to your next reply.

fixlist.txt


Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download ZHPCleaner and save it to your desktop.

* On Windows Vista and Windows 7:

Right-click ZHPCleaner.exe and select run_as_adm1.png

Click the Scanner button.

The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to examine.

Then click the Reparar (Repair) button.

When it finishes, a log will be saved to your desktop. Attach the log to your next reply.


I can't get it to work, it keeps giving this error, and the site www.321oyun.com started appearing on my main screen.

post-730211-0-50538100-1447381311_thumb.


No need to worry anymore, and you can mark the topic as resolved; I formatted the computer and took the opportunity to clean things up.


Problem solved!

If the author needs it, the topic will be reopened; to do so, they should contact one of the forum's Security Analysts and request that it be unlocked.

This topic is locked and cannot receive new posts.




