Flpmod

Malware inside my browser


@Flpmod

 

Please note the following:

  • About the Forum: This is a private space, not a public one. Its use is a privilege, not a right.
  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is passed along here relates only to your computer's problem; therefore, do not apply it to any other;
  • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
  • Respect the order of the instructions given.
  • Note: Do not take any action other than those given here; be aware that, if you ask for help on another forum, you must let us know, at the risk of misconfiguring your computer!

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text below:

 

createsrpoint;
shortcutfix;
ffdefaults;
chrdefaults;
resetwmi;
resetieproxy;
network.proxy;ff
emptyclsid;
autoclean;
ipconfig /flushdns >>"%temp%\log.txt";b

 

Save this file on your desktop with the name zascript

Run ZA-Scan.exe again and wait.
Copy and paste the contents of this file into your next reply.


I noticed that Malwarebytes real-time protection is now working and that my Google Chrome browser was reset.

 


ZA-Scan V1.0.0.5 Updated 30-09-2015
Tool run by Flpmod on 30/04/2017 at 17:54:19,58.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Flpmod\Desktop\ZA-Scan.exe
Script used: C:\Users\Flpmod\Desktop\zascript.txt

==== System Restore Info ======================

30/04/2017 17:57:21 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\RevitInterProcess deleted successfully
C:\Users\Flpmod\AppData\Roaming\QuickScan deleted successfully
C:\Users\Flpmod\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

==== Deleting Files \ Folders ======================

C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Flpmod\AppData\Local\cache deleted
C:\Users\Flpmod\Downloads\driver_booster_setup_cnet.exe deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi" [19/01/2017 19:05]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi" [19/01/2017 19:05]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
fhoibnponjcgjgcnfacekaijdbbplhib - https://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Google Drive App Launcher - Flpmod\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Chrome Media Router - Flpmod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shopping.uol.com.br_0.localstorage deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shopping.uol.com.br_0.localstorage-journal deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.deepask.com_0.localstorage deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.deepask.com_0.localstorage-journal deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.newtabtvplussearch.com_0.localstorage deleted successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.newtabtvplussearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1b03ab69.TMP was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1ee99e34.TMP was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF1fad5ec8.TMP was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF263ea971.TMP was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF3e25b4d.TMP was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFf9ae5c.TMP was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Flpmod\Desktop\Aide PDF to DWG Converter.lnk - C:\Program Files (x86)\Aide PDF to DWG Converter\pdc.exe 
C:\Users\Flpmod\Desktop\AltoQi Hydros V4.lnk - C:\Program Files (x86)\AltoQi\AltoQi Hydros V4\hidro.exe 
C:\Users\Flpmod\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Flpmod\Desktop\Google Drive.lnk - C:\Users\Flpmod\Google Drive 
C:\Users\Flpmod\Desktop\QiBuilder.lnk - C:\Program Files (x86)\AltoQi\QiBuilder\QiBuilder.exe 
C:\Users\Flpmod\Desktop\QiEditor de Armaduras.lnk - C:\Program Files (x86)\AltoQi\QiBuilder\QiCad.exe 
C:\Users\Flpmod\Desktop\TRAB FRAN\A comunicação é a forma pelo qual o ser humano interage e se desenvolve socialmente.docx - Atalho (2).lnk -  
C:\Users\Flpmod\Desktop\TRAB FRAN\A comunicação é a forma pelo qual o ser humano interage e se desenvolve socialmente.docx - Atalho.lnk -  

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk -  
C:\Users\Public\Desktop\AutoCAD 2013 - English.lnk - C:\Program Files (x86)\Autodesk\AutoCAD 2013\acad.exe  /product ACAD /language "en-US"
C:\Users\Public\Desktop\AutoMETAL.lnk - C:\AutoMETAL\AutoMETAL.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\Driver Booster 4.lnk - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe 
C:\Users\Public\Desktop\Dynamo 0.9.1.lnk - C:\Program Files (x86)\Dynamo 0.9\DynamoSandbox.exe 
C:\Users\Public\Desktop\Google Earth Pro.lnk - C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe 
C:\Users\Public\Desktop\Kaspersky Internet Security.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe 
C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe -navigate ksde://mainwindow
C:\Users\Public\Desktop\LayOut 2016.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2016\LayOut\LayOut.exe 
C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\Revit 2017.lnk - C:\Program Files (x86)\Autodesk\Revit 2017\Revit.exe /language PTB
C:\Users\Public\Desktop\Safe Money.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe -safebanking
C:\Users\Public\Desktop\SketchUp 2016.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2016\SketchUp.exe 
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe 
C:\Users\Public\Desktop\Style Builder 2016.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2016\Style Builder\Style Builder.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Flpmod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe https://launchpage.org/?uid=oTlKGGjMhxpsXWEz4kz14VfcyvzHiEEkzTbyncuq0QugjYNeDbLfRJgfzYV3i%2BugXdm4
C:\Users\Flpmod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe https://launchpage.org/?uid=oTlKGGjMhxpsXWEz4kz14VfcyvzHiEEkzTbyncuq0QugjYNeDbLfRJgfzYV3i%2BugXdm4

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://launchpage.org/?uid=oTlKGGjMhxpsXWEz4kz14VfcyvzHiEEkzTbyncuq0QugjYNeDbLfRJgfzYV3i%2BugXdm4
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 14\ABBYY Comparar documentos.lnk - C:\Windows\Installer\{F14000FE-0001-6400-0000-074957833700}\NewShortcut3_2337A0F811554C418A641102A1EDEB09.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 14\ABBYY FineReader 14 OCR Editor.lnk - C:\Windows\Installer\{F14000FE-0001-6400-0000-074957833700}\NewShortcut1_84B27E90F5EE4D828CAB9B1FBEE3480F.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 14\ABBYY FineReader 14.lnk - C:\Windows\Installer\{F14000FE-0001-6400-0000-074957833700}\ICON_FineReader.exe -Shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 14\ABBYY Hot Folder.lnk - C:\Windows\Installer\{F14000FE-0001-6400-0000-074957833700}\ICON_HF.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 14\ABBYY Screenshot Reader.lnk - C:\Windows\Installer\{F14000FE-0001-6400-0000-074957833700}\_SHCT_Screenshot_397AA9974495488387EF13875979FAE5.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4\Desinstalar Driver Booster 4.lnk - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4\Driver Booster 4.lnk - C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Start Google Earth Pro in DirectX mode.lnk - C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe  -setDX
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Start Google Earth Pro in OpenGL mode.lnk - C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe  -setOGL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Start Google Earth Pro.lnk - C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Uninstall Google Earth Pro.lnk - C:\Windows\System32\msiexec.exe /x {DE706580-82C7-4B1A-ABA4-EA48AC15B045}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Aide PDF to DWG Converter.lnk - C:\Program Files (x86)\Aide PDF to DWG Converter\pdc.exe 
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://launchpage.org/?uid=oTlKGGjMhxpsXWEz4kz14VfcyvzHiEEkzTbyncuq0QugjYNeDbLfRJgfzYV3i%2BugXdm4
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe https://launchpage.org/?uid=oTlKGGjMhxpsXWEz4kz14VfcyvzHiEEkzTbyncuq0QugjYNeDbLfRJgfzYV3i%2BugXdm4
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== shortcuts After Repair ======================

C:\Users\Flpmod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Flpmod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Flpmod\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Flpmod\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Flpmod\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== Reset WMI ======================

Os seguintes serviços são dependentes do serviço de Testador de instrumentação de gerenciam. do Windows.
Finalizar o serviço Testador de instrumentação de gerenciam. do Windows também finalizará estes serviços.

   Central de Segurança
   Malwarebytes Service
   Auxiliar de IP

O serviço de Central de Segurança está sendo finalizado .
O serviço de Central de Segurança foi finalizado com êxito.

O serviço de Malwarebytes Service está sendo finalizado ........
O serviço de Malwarebytes Service não pôde ser finalizado.

O serviço de Auxiliar de IP está sendo finalizado .
O serviço de Auxiliar de IP foi finalizado com êxito.

Erro de sistema 1051.

Um controle de parada foi enviado a um serviço, do qual dependem outros serviços que estão sendo executados.

C:\Windows\system32\wbem\repository not renamed
C:\Windows\syswow64\wbem\repository renamed to repository.old

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Flpmod\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Flpmod\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 30/04/2017 at 18:29:51,10 ======================
 


Ok,

# Step 1 #

Download AdwCleaner and save it to your Desktop.

Run the adwcleaner.exe file.

Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • Click the Options (Opções) tab and leave only "Reset IE Policies" ("Restaurar Políticas do IE") and "Reset Chrome Policies" ("Restaurar Políticas do Chrome") checked.
  • Click the Scan (Verificar) button and wait for the scan to finish.
  • Click the Clean (Limpar) button.
  • A Notepad window will open with the result.
  • Select, copy and paste the contents of this log into your next reply.
  • The log will also be saved in C:\AdwCleaner


NOTE: If AdwCleaner finds files it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart.

# Step 2 #

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download the Junkware Removal Tool (JRT) and save it to your Desktop.

Double-click to run jrt.exe.

Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • At the end a log will open. It will be saved on the desktop with the name JRT.txt.
  • Select, copy and paste the contents of this log into your next reply.

# Step 3 #

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: [image: execadmin.png]

  • Click the Scanner button.
  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Repair (Reparar) button.
  • A log named ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log into your next reply.


#1

 

# AdwCleaner v6.046 - Relatório criado 08/05/2017 às 03:06:29
# Atualizado em 24/04/2017 por Malwarebytes
# Banco de dados : 2017-05-05.1 [Servidor]
# Sistema operacional : Windows 7 Professional Service Pack 1 (X64)
# Usuário : Flpmod - FLPMOD-PC
# Executando de : C:\Users\Flpmod\Desktop\adwcleaner_6.046.exe
# Modo: Limpo
# Apoio : https://www.malwarebytes.com/support

***** [ Serviços ] *****

***** [ Pastas ] *****

***** [ Arquivos ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Atalhos ] *****

***** [ Atividades agendadas ] *****

***** [ Registro ] *****

***** [ Verificando navegadores ... ] *****

*************************

:: Chaves "Tracing" excluídas
:: Políticas do IE excluídas
:: Políticas do Chrome excluídas

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [856 Bytes] - [08/05/2017 03:06:29]
C:\AdwCleaner\AdwCleaner[S0].txt - [1337 Bytes] - [08/05/2017 03:04:44]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1001 Bytes] ##########
 

 

#2

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 7 Professional x64 
Ran by Flpmod (Administrator) on 08/05/2017 at  3:29:21,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 12 

Successfully deleted: C:\ProgramData\1478642344.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (Flpmod) (Task)
Successfully deleted: C:\Users\Flpmod\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A80YYZA9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Flpmod\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1MSOFYE (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Flpmod\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LYDBR1BH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Flpmod\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W3QDHXQL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A80YYZA9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J1MSOFYE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LYDBR1BH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W3QDHXQL (Temporary Internet Files Folder) 

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/05/2017 at  3:33:57,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

#3

 

~ ZHPCleaner v2017.5.6.77 by Nicolas Coolman (2017/05/06)
~ Run by Flpmod (Administrator)  (08/05/2017 03:52:22)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Flpmod\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Flpmod\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Arquivo hosts (1)
~ O arquivo hosts é legítimo (21)


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (38)
MOVIDO pasta: C:\Windows\Prefetch\AUTOKMS.EXE-7CC2D49E.pf    =>HackTool.AutoKMS
MOVIDO pasta: C:\Windows\Installer\wix{62F029AB-85F2-0000-866A-9FC0DD99DDBC}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\au-descriptor-1.8.0_131-b11.xml    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\CFG314B.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\CFG3807.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\CFG4E52.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\CFG57D6.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\CFG5EDC.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\CFGBF9A.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\CFGD025.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\CFGD1CD.tmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\clm-05-05-2017.log    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\Flpmod.bmp    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\MSI44fb3.LOG    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\MSI4e186.LOG    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\MSI5d655.LOG    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\MSI65d21.LOG    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\MSIbece8.LOG    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\MSIc6c35.LOG    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\MSIec0b6.LOG    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\MSIf4752.LOG    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\Setup Log 2017-05-08 #001.txt    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Temp\~DF9F99B63E7769B344.TMP    =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Flpmod\Downloads\Ativador Office 2013 by ArphanetBR\ARQUIVOS\Microsoft Toolkit 2.5 Beta 5.exe [CODYQX4 - Microsoft Toolkit]  =>HackTool.WinActivator
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.at.atwola.com_0.localstorage    =>.Superfluous.Atwola
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ol.at.atwola.com_0.localstorage-journal    =>.Superfluous.Atwola
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_wix-instantsearchplus-ssl.akamaized.net_0.localstorage    =>.Superfluous.AkamaiHD
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_wix-instantsearchplus-ssl.akamaized.net_0.localstorage-journal    =>.Superfluous.AkamaiHD
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.solvusoft.com_0.localstorage    =>.Superfluous.Solvusoft
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.solvusoft.com_0.localstorage-journal    =>.Superfluous.Solvusoft
MOVIDO pasta: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS]  =>HackTool.AutoKMS
MOVIDO pasta: C:\Windows\AutoKMS\AutoKMS.log    =>HackTool.AutoKMS
MOVIDO pasta: C:\Users\Flpmod\AppData\Local\Akamai\netsession_win.exe [Akamai Technologies, Inc. - Akamai NetSession Client]  =>.Superfluous.AkamaiHD
MOVIDO arquivo: C:\ProgramData\Microsoft Toolkit  =>HackTool.AutoKMS
MOVIDO arquivo: C:\Windows\AutoKMS  =>HackTool.AutoKMS
MOVIDO arquivo: C:\Users\Flpmod\AppData\Local\Akamai  =>.Superfluous.AkamaiHD
MOVIDO arquivo: C:\Users\Flpmod\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>PUP.Optional.DomaIQ
MOVIDO arquivo: C:\Windows\Installer\MSI33A6.tmp-  =>.Superfluous.Empty


---\\  Registro ( Chaves, Valores, Dados ) (6)
SUPRIMIDO chave*: HKEY_USERS\S-1-5-21-3457736446-3868644079-333518033-1000\SOFTWARE\Akamai []  =>.Superfluous.AkamaiHD
SUPRIMIDO chave: HKCU\Software\Akamai []  =>.Superfluous.AkamaiHD
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc]  =>.Superfluous.AkamaiHD
SUPRIMIDO valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface ["C:\Users\Flpmod\AppData\Local\Akamai\netsession_win.exe"]  =>.Superfluous.AkamaiHD
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{C5ABB516-F927-486C-9436-3DC8256AE6EA}C:\users\flpmod\appdata\local\akamai\netsession_win.exe [C:\users\flpmod\appdata\local\akamai\netsession_win.exe]  =>.Superfluous.AkamaiHD
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{EDB4DD16-AF1C-432C-9D62-E54918B9F36E}C:\users\flpmod\appdata\local\akamai\netsession_win.exe [C:\users\flpmod\appdata\local\akamai\netsession_win.exe]  =>.Superfluous.AkamaiHD


---\\  Resumo dos elementos encontrados na sua estação de trabalho (8)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/  =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Temporary.Empty
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/  =>HackTool.WinActivator
https://nicolascoolman.eu/2017/02/04/superfluous-atwola/  =>.Superfluous.Atwola
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.AkamaiHD
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.Superfluous.Solvusoft
https://www.nicolascoolman.com/fr/adware-domaiq/  =>PUP.Optional.DomaIQ


---\\  Dodatkowe oczyszczenie. (14)
~ Chave de registro Tracing Supprimido (14)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Mozilla Firefox)
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 479
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 44


~ End of clean in 00h00mn13s
~====================
ZHPCleaner-[R]-08052017-03_52_35.txt
ZHPCleaner--08052017-03_50_27.txt
 


@Flpmod

 

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Stinger and save it to your Desktop.
32-bit (x86) or 64-bit (x64)

  • Run the file Stinger.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png
  • Click the “I Accept” button


Stinger%20a.png

In the new window, click “Advanced” and then “Settings”

Stinger%20b.png

In the settings window, set the options as shown in the image below and click the “Save” button

9hnsyu.png

Click “Customize my Scan”

Stinger%20f.png

Select the system drives and then click the “Scan” button

Stinger%20g.png

When it finishes, click “View log”; a window with the log will open in your browser.
Select, copy and paste the contents of this log into your next reply.


McAfee Stinger Scan Results

McAfee® Labs Stinger™ Version 12.1.0.2361 built on May 10 2017 at 23:29:50

Copyright© 2015, McAfee, Inc. All Rights Reserved.

 

AV Engine version v5900.7806 for Windows.

Virus data file v1000.0 created on May 11, 2017

Ready to scan for 10105 viruses, trojans and variants.

 

Custom scan initiated on sexta-feira, maio 12, 2017 13:59:02

Rootkit scan result : Not Scanned.

Summary Report on C:

D:

File(s)

TotalFiles:............ 729508

Clean:................. 272073

Not Scanned:........... 457435

Possibly Infected:..... 0

 

Time: 03:20:30

Scan completed on sexta-feira, maio 12, 2017 17:19:32


@Flpmod

 

Download Security Check, by glax24, and save it to your Desktop.

 

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Wait while the tool runs its check.
  • When it finishes, a log will open: SecurityCheck.txt.
  • This log is saved on C: (Local Disk) in the SecurityCheck folder that was created.
  • Select, copy and paste the contents of this log into your next reply.


SecurityCheck by glax24 & Severnyj v.1.4.0.49 [15.04.17]
WebSite: www.safezone.cc
DateLog: 15.05.2017 23:45:11
Path starting: C:\Users\Flpmod\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Flpmod
VersionXML: 4.12s-15.04.2017
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) Professional Lang: Portuguese(0416)
Installation date OS: 21.01.2016 21:33:58
LicenseStatus: Windows(R) 7, Professional edition Volume activation will expire : 247920 minutes
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [465.7 Gb] Used: [119 Gb] Free: [346.7 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18665 [+]
User Account Control enabled
Automatically download and schedule installation
Date install updates: 2017-05-11 07:03:46
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service has stopped
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2013 x64 v.15.0.4420.1017
---------------------------- [ Antivirus_WMI ] ----------------------------
Kaspersky Internet Security (enabled and up to date)
Malwarebytes (disabled and up to date)
---------------------------- [ Firewall_WMI ] -----------------------------
Kaspersky Internet Security (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Malwarebytes (enabled and up to date)
Kaspersky Internet Security (enabled and up to date)
Windows Defender (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Bitdefender Agent v.20.0.23.1252
Kaspersky Secure Connection v.17.0.0.611
Kaspersky Internet Security v.17.0.0.611
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes versão 3.1.2.1733 v.3.1.2.1733
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.31 (64-bit) v.5.31.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.30 v.7.30.105 Warning! Download Update
^Optional update.^
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 111 (64-bit) v.8.0.1110.14 Warning! Download Update
Uninstall old version and install new one (jre-8u121-windows-x64.exe).
Java 8 Update 112 (64-bit) v.8.0.1120.15 Warning! Download Update
Uninstall old version and install new one (jre-8u121-windows-x64.exe).
Java 8 Update 121 (64-bit) v.8.0.1210.13
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 25 ActiveX v.25.0.0.171 [+]
Adobe Acrobat Reader DC - Português v.17.009.20044
------------------------------- [ Browser ] -------------------------------
Google Chrome v.58.0.3029.110 [+]
------------------ [ AntivirusFirewallProcessServices ] -------------------
ProductAgentService (ProductAgentService) - The service is running
C:\Program Files\Bitdefender Agent\ProductAgentService.exe v.21.0.24.24
Serviço do Kaspersky Anti-Virus 17.0.0 (AVP17.0.0) - The service is running
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe v.17.0.0.611
klvssbrigde64 (klvssbrigde64) - The service has stopped
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe v.17.0.0.643
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.3.0.0.1068
Malwarebytes Service (MBAMService) - The service is running
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.1.0.479
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe
Windows Defender (WinDefend) - The service is running
---------------------------- [ UnwantedApps ] -----------------------------
Driver Booster 4.3 v.4.3.0 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 


@Flpmod

 

To finish:

# Step 1 #

Rename combofix to uninstall. Double-click it and wait for the program to be removed.

# Step 2 #

Download Delfix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click execadmin.png.

2mez6ld.png

Click the Run button.

At the end a log will be generated, but there is no need to post it.

# Step 3 #

Old versions of programs have vulnerabilities that some malware can use to infect your system.

For this reason, it is recommended to update the programs that Security Check flagged as outdated (optional updates are at your discretion).

Just click the Download Update link in each warning, which will take you to the developer's site.

Always keep your Windows up to date; keep a constant watch with your firewall and antivirus; and finally, remember that the best form of prevention starts with our own behaviour!


@Turco I did all the procedures you asked for; Stinger64.exe is left over. Should I uninstall it too?

I'm sending the message here because I can't send a private message.

5 hours ago, Flpmod said:

Stinger64.exe is left over. Should I uninstall it too?

Yes, you can uninstall it.

 

:thumbsup:

This topic is locked to new posts.





About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
