Juliana Lira

ZA-Scan does not work on the computer


Hello! I originally came looking for help with my computer being slow at startup and freezing, and it has already blue-screened a couple of times. In Task Manager, the system overloads the disk, which stays at 100%. When I ran ZA-Scan to start this topic, it gave the following message: "O Windows não pode encontrar 'pezv.exe.'. Certifique-se de que o nome foi digitado corretamente e tente novamente." (Windows cannot find 'pezv.exe.'. Make sure the name was typed correctly and try again.) It gives this message every time, except once, when it ran, but I believe it did not work correctly, since the log it generated contains nothing.

What can I do?

Thank you

ZA-Scan.txt


Please note the following:

  • About the Forum: This is a private space, not a public one. Using it is a privilege, not a right;
  • What is given here relates only to the problem on your computer, so do not apply it on any other;
  • IMPORTANT: If you have Windows activation programs or file-sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; bear in mind that, if you ask for help on another forum, you must let us know, at the risk of misconfiguring your computer!

You can follow the steps in the link below

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

OR follow the steps below:

 

STEP 1

Copy the command below:

chrome://settings/syncSetup

Paste it into the browser's URL bar and press <ENTER>

On the page that opens, click Turn off

When prompted, click Clear and Continue

Click the link https://chrome.google.com/sync

After that, click RESET SYNC

Wait for the process to finish and close Google Chrome.

Run Malwarebytes:

  • On the Scan tab > Custom Scan, check the Scan for rootkits option and the entries for the operating system installation. Normally this is drive 😄;
  • Click Scan Now. Please wait, as the scan may take a while;
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected or Quarantine button;
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • If mbam does not run automatically after the restart, run it manually;
  • The log is saved automatically by MBAM; to view it, click the Reports tab in the program's main window;
  • Double-click the log (Scan Report). Click the Export button and use the .txt format to export the log. Save it to the Desktop.


ATTENTION: Open the file, select all, copy and paste the contents of this log into your next reply.

NOTE: If MBAM finds files that it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

 

STEP 2

Download AdwCleaner from one of the links below and save it to the desktop.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the AdwCleaner.exe file, then click VRIfczU.png

Click SCAN. When it finishes, click CLEAN and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its contents into your next reply.


STEP 3


Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.


Download ZHPCleaner from the link below and save it to your Desktop

https://www.majorgeeks.com/files/details/zhpcleaner.html


Run the ZHPCleaner.exe file As Administrator:

  • Click the Scanner button.
  • The tool will begin examining your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Repair button.
  • A log named ZHPCleaner.txt will be generated
  • Select, copy and paste the contents of this log into your next reply.

 

STEP 4

Re-enable Google Chrome sync


Malwarebytes log:

 

Malwarebytes
www.malwarebytes.com

-Detalhes do Relatório-
Data da análise: 28/02/2020
Hora da análise: 21:53
Arquivo de relatório: f3fb7210-5a8d-11ea-8ed7-54bf644aa7ba.json

-Informações do Software-
Versão: 4.1.0.56
Versão de componentes: 1.0.835
Versão do pacote de definições: 1.0.19986
Licença: Gratuita

-Informações do Sistema-
Sistema operacional: Windows 10 (Build 17763.1039)
CPU: x64
Sistema de arquivos: NTFS
Usuário: JLNCRVLH\julii

-Resumo da Análise-
Tipo de análise: Análise Customizada
Análise Iniciada Por: Manual
Resultado: Concluída
Objetos verificados: 718506
Ameaças detectadas: 29
Ameaças em quarentena: 0
Tempo decorrido: 43 hr, 44 min, 23 seg

-Opções da Análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
Programa Potencialmente Indesejado: Detetar
PUM: Detetar

-Detalhes da Análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 24
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\REI_AxControl.DLL, Nenhuma ação pelo usuário, 381, 327193, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\REI_AxControl.DLL, Nenhuma ação pelo usuário, 381, 327193, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKU\S-1-5-21-944098539-2003292006-2082099386-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BD51A48E-EB5F-4454-8774-EF962DF64546}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}, Nenhuma ação pelo usuário, 381, 327197, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, Nenhuma ação pelo usuário, 381, 327197, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKU\S-1-5-21-944098539-2003292006-2082099386-1001\SOFTWARE\REIMAGE\PC REPAIR, Nenhuma ação pelo usuário, 381, 327204, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\REI_AxControl.DLL, Nenhuma ação pelo usuário, 381, 327193, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKU\S-1-5-21-944098539-2003292006-2082099386-1001\SOFTWARE\Reimage, Nenhuma ação pelo usuário, 381, 357494, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKU\S-1-5-21-944098539-2003292006-2082099386-1001\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Fixer - Windows Problem Relief., Nenhuma ação pelo usuário, 381, 709541, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\REIMAGE\Reimage Repair, Nenhuma ação pelo usuário, 381, 336077, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, Nenhuma ação pelo usuário, 381, 327206, 1.0.19986, , ame, 
PUP.Optional.Reimage, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Nenhuma ação pelo usuário, 381, 332494, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Nenhuma ação pelo usuário, 381, 332494, , , , 
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\APPID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}, Nenhuma ação pelo usuário, 381, 332494, 1.0.19986, , ame, 

Valor de registro: 1
PUP.Optional.Reimage, HKU\S-1-5-21-944098539-2003292006-2082099386-1001\SOFTWARE\REIMAGE\PC REPAIR|QUITMESSAGE, Nenhuma ação pelo usuário, 381, 327204, 1.0.19986, , ame, 

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 0
(Nenhum item malicioso detectado)

Arquivo: 4
Generic.Malware/Suspicious, C:\$RECYCLE.BIN\S-1-5-21-944098539-2003292006-2082099386-1001\$RRTUAG9.EXE, Nenhuma ação pelo usuário, 0, 392686, 1.0.19986, , shuriken, 
PUP.Optional.Reimage, C:\$RECYCLE.BIN\S-1-5-21-944098539-2003292006-2082099386-1001\$RVRYZQO.EXE, Nenhuma ação pelo usuário, 381, 331559, 1.0.19986, , ame, 
HackTool.Agent, C:\PROGRAM FILES\LUMION 9.0\LUMIONPROV902-TPC.EXE, Nenhuma ação pelo usuário, 3941, 1570, 1.0.19986, 000000000000000000000003, dds, 00610523
PUP.Optional.Reimage, C:\WINDOWS\REIMAGE.INI, Nenhuma ação pelo usuário, 381, 412667, 1.0.19986, , ame, 

Setor físico: 0
(Nenhum item malicioso detectado)

Instrumentação do Windows (WMI): 0
(Nenhum item malicioso detectado)


(end)

 

 

 

AdwCleaner log:

 

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build:    03-02-2020
# Database: 2020-03-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-03-2020
# Duration: 00:00:16
# OS:       Windows 10 Home Single Language
# Cleaned:  19
# Failed:   4


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Reimage

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.DellCommand|PowerManager   Folder   C:\Program Files\DELL\COMMANDPOWERMANAGER
Deleted       Preinstalled.DellCommand|PowerManager   Folder   C:\ProgramData\DELL\COMMANDPOWERMANAGER
Deleted       Preinstalled.DellCommand|PowerManager   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AGENT
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\AGENT
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91055DE9-E4F6-4568-BA5D-B1E0FA314969} 
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91055DE9-E4F6-4568-BA5D-B1E0FA314969} 
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{03C35F56-A9AD-4B59-B061-B8CE41C4C22B}
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BEF4D9A-592C-4073-B202-30234347B3DA}
Deleted       Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Deleted       Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files\DELL\UPDATE
Deleted       Preinstalled.DellUpdateforWindows10   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{70E9F8CC-A23E-4C25-B292-C86C1821587C}
Deleted       Preinstalled.SmartByte   Folder   C:\Program Files\RIVET NETWORKS
Deleted       Preinstalled.SmartByte   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIVET NETWORKS
Not Deleted   Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Not Deleted   Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT
Not Deleted   Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE
Not Deleted   Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4214 octets] - [03/03/2020 13:19:25]
AdwCleaner[S01].txt - [3912 octets] - [03/03/2020 19:10:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
 

 

ZHPCleaner log:

 

~ ZHPCleaner v2020.2.14.178 by Nicolas Coolman (2020/02/14)
~ Run by julii (Administrator)  (03/03/2020 19:27:28)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\julii\OneDrive\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\julii\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit  (Build 17763)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (11)
FOUND file: C:\Users\julii\OneDrive\Desktop\BitTorrent.lnk  [Bad : C:\Users\julii\AppData\Roaming\BitTorrent\BitTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
FOUND file: C:\Users\julii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk  [Bad : C:\Users\julii\AppData\Roaming\BitTorrent\BitTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
FOUND file: C:\Users\julii\AppData\Roaming\BitTorrent\BitTorrent.exe [BitTorrent Inc. - BitTorrent]  =>BitTorrent (P2P)
FOUND file: C:\Users\julii\OneDrive\Desktop\BitTorrent.lnk    =>BitTorrent (P2P)
FOUND file: C:\Users\julii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk    =>BitTorrent (P2P)
FOUND file: C:\Windows\Prefetch\KMS-R@1NHOOK.EXE-572109D9.pf    =>HackTool.AutoKMS
FOUND file: C:\Windows\Prefetch\REIMAGE.EXE-02B30964.pf    =>SUP.Optional.ReimageRepair
FOUND file: C:\Windows\Prefetch\REIMAGEREPAIR.EXE-08072D4B.pf    =>SUP.Optional.ReimageRepair
FOUND file: C:\Windows\Prefetch\REIMAGEREPAIR.EXE-9C5E4F2B.pf    =>SUP.Optional.ReimageRepair
FOUND folder: C:\Program Files (x86)\DummyDir  =>.SUP.Empty
FOUND folder: C:\Users\julii\AppData\Local\Akamai  =>.SUP.AkamaiHD


---\\  Registry ( Key, Value, Data) (2)
FOUND key: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)
FOUND key: [X64] HKLM\SOFTWARE\Classes\CLSID\{63005CD0-8541-439c-A66A-617F4B1F2BCB} [TVWizard Class]  =>PUP.Optional.TVWizard


---\\  Summary of the elements found (6)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/  =>HackTool.AutoKMS
https://nicolascoolman.eu/2017/01/27/superfluous-reimagerepair/  =>SUP.Optional.ReimageRepair
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty
https://nicolascoolman.eu/2017/12/26/sup-akamaihd/  =>.SUP.AkamaiHD
https://www.nicolascoolman.com/fr/pup-tvwizard/  =>PUP.Optional.TVWizard


---\\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Internet Explorer OK


---\\ Statistics
~ Items scanned : 113263
~ Items found : 16
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/16


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis

~ End of search in 00h10mn51s

---\\  Reports (0)
ZHPCleaner--03032020-19_38_19.txt
 


@Juliana Lira

 

Download RogueKiller by Tigzy and save it to your Desktop.
roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Users of Windows Vista, Windows 7, 8, 8.1 and Windows 10:
    Right-click the rogueKiller.exe file, then click VRIfczU.png.
  • Click SCAN
  • Click the first START, "Standard Scan (recommended)", and wait for the scan...
  • Click the RESULTS button
  • Click the REPORT option, then EXPORT, and select the Text file... option
  • Save the file to the desktop with the name roguekiller_report


Be sure to open the file, then copy and paste all of its contents into your next reply


@Elias Pereira

 

RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr  1 2020] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : julii [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200424_130303, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/04/26 16:54:56 (Duration : 00:22:36)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\Windows\TEMP\is-G44IU.tmp\corefixer.exe [/norerun] -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.HackTool (Potentially Malicious)] (file) KMS-R@1nHook.dll -- C:\Windows\KMS-R@1nHook.dll -> Found
[PUP.PCProtect (Potentially Malicious)] (folder) TotalAV -- C:\ProgramData\TotalAV -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 


@Juliana Lira

 

Close all programs

  • Run RogueKiller.exe.
    ** Users of Windows Vista, 7, 8/8.1 and Windows 10:
    Right-click the rogueKiller.exe file, then click VRIfczU.png
  • When the EULA appears, click Accept.
  • Select the SCAN tab and click START SCAN
  • Wait until the scan finishes.
  • Click RESULTS and check whether all the checkboxes
  • >>>>>>> Go through the tabs and check all the entries found <<<<<<<
  • Click REMOVAL
  • Wait until the program finishes deleting the infections.
  • Click RESULTS
  • Click the REPORT button and then EXPORT > TXT FILE
  • Save it as report.txt on your Desktop

Open the report.txt file saved on your Desktop, then copy and paste all of its contents into your next reply.


@Elias Pereira

 

RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr  1 2020] (Premium) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : julii [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20200427_095401, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2020/04/28 13:08:00 (Duration : 00:19:23)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\Windows\TEMP\is-G44IU.tmp\corefixer.exe (/norerun) -> Deleted
[PUP.HackTool (Potentially Malicious)] KMS-R@1nHook.dll -- %SystemRoot%\KMS-R@1nHook.dll -> Deleted
[PUP.PCProtect (Potentially Malicious)] TotalAV -- %programdata%\TotalAV -> Deleted
=> libcrypto-1_1.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\libcrypto-1_1.dll [1]
=> libssl-1_1.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\libssl-1_1.dll [1]
=> lib_SCAPI.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\lib_SCAPI.dll [1]
=> da_DK.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\da_DK.mo [1]
=> de_DE.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\de_DE.mo [1]
=> es_ES.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\es_ES.mo [1]
=> fr_FR.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\fr_FR.mo [1]
=> it_IT.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\it_IT.mo [1]
=> nl_NL.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\nl_NL.mo [1]
=> nn_NO.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\nn_NO.mo [1]
=> pl_PL.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\pl_PL.mo [1]
=> pt_PT.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\pt_PT.mo [1]
=> sv_SE.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\sv_SE.mo [1]
=> tr_TR.mo -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale\tr_TR.mo [1]
=> locale -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\locale [1]
=> chrome-manifest.json -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\Manifest\chrome-manifest.json [1]
=> firefox-manifest.json -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\Manifest\firefox-manifest.json [1]
=> Manifest -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\Manifest [1]
=> Microsoft.VC90.CRT.manifest -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\Microsoft.VC90.CRT.manifest [1]
=> msvcm90.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\msvcm90.dll [1]
=> msvcp120.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\msvcp120.dll [1]
=> msvcp90.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\msvcp90.dll [1]
=> msvcr120.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\msvcr120.dll [1]
=> msvcr90.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\msvcr90.dll [1]
=> nfapi.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\nfapi.dll [1]
=> libcrypto-1_1.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn\libcrypto-1_1.dll [1]
=> liblzo2-2.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn\liblzo2-2.dll [1]
=> libpkcs11-helper-1.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn\libpkcs11-helper-1.dll [1]
=> libssl-1_1.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn\libssl-1_1.dll [1]
=> openssl.exe -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn\openssl.exe [1]
=> openvpn.exe -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn\openvpn.exe [1]
=> openvpn_down.bat -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn\openvpn_down.bat [1]
=> openvpn_up.bat -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn\openvpn_up.bat [1]
=> ovpn -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ovpn [1]
=> PasswordExtension.Win.exe -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\PasswordExtension.Win.exe [1]
=> PasswordExtension.Win.exe.config -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\PasswordExtension.Win.exe.config [1]
=> ProtocolFilters.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\ProtocolFilters.dll [1]
=> SCAPI.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\SCAPI.dll [1]
=> SecurityProductInformation.ini -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\SecurityProductInformation.ini [1]
=> SecurityService.exe -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\SecurityService.exe [1]
=> SecurityService.exe.config -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\SecurityService.exe.config [1]
=> System.Data.SQLite.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\System.Data.SQLite.dll [1]
=> TotalAV.exe -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\TotalAV.exe [1]
=> TotalAV.exe.config -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\TotalAV.exe.config [1]
=> webshieldfilter.sys -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\tdi\amd64\webshieldfilter.sys [1]
=> amd64 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\tdi\amd64 [1]
=> webshieldfilter.sys -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\tdi\i386\webshieldfilter.sys [1]
=> i386 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\tdi\i386 [1]
=> tdi -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\tdi [1]
=> webshieldfilter.sys -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows10\amd64\webshieldfilter.sys [1]
=> amd64 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows10\amd64 [1]
=> webshieldfilter.sys -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows10\i386\webshieldfilter.sys [1]
=> i386 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows10\i386 [1]
=> windows10 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows10 [1]
=> webshieldfilter.sys -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows7\amd64\webshieldfilter.sys [1]
=> amd64 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows7\amd64 [1]
=> webshieldfilter.sys -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows7\i386\webshieldfilter.sys [1]
=> i386 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows7\i386 [1]
=> windows7 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows7 [1]
=> webshieldfilter.sys -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows8\amd64\webshieldfilter.sys [1]
=> amd64 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows8\amd64 [1]
=> webshieldfilter.sys -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows8\i386\webshieldfilter.sys [1]
=> i386 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows8\i386 [1]
=> windows8 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp\windows8 [1]
=> wfp -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv\wfp [1]
=> urldrv -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\urldrv [1]
=> Utilizr.Ras.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\Utilizr.Ras.dll [1]
=> vccorlib120.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\vccorlib120.dll [1]
=> SQLite.Interop.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\x64\SQLite.Interop.dll [1]
=> x64 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\x64 [1]
=> SQLite.Interop.dll -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\x86\SQLite.Interop.dll [1]
=> x86 -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev\x86 [1]
=> prev -- C:\PROGRA~3\TotalAV\updates\5_5_83\prev [1]
=> 5_5_83 -- C:\PROGRA~3\TotalAV\updates\5_5_83 [1]
=> aebb.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aebb.dll [1]
=> aecore.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aecore.dll [1]
=> aecrypto.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aecrypto.dll [1]
=> aedroid.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aedroid.dll [1]
=> aedroid_gwf.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aedroid_gwf.dat [1]
=> aeemu.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeemu.dll [1]
=> aeexp.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeexp.dll [1]
=> aeexp_gwf.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeexp_gwf.dat [1]
=> aegen.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aegen.dll [1]
=> aehelp.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aehelp.dll [1]
=> aeheur.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeheur.dll [1]
=> aeheur_agen.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeheur_agen.dat [1]
=> aeheur_gwf.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeheur_gwf.dat [1]
=> aeheur_mv.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeheur_mv.dat [1]
=> aelibinf.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aelibinf.dll [1]
=> aelibinf_db.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aelibinf_db.dat [1]
=> aelidb.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aelidb.dat [1]
=> aemobile.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aemobile.dll [1]
=> aeoffice.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeoffice.dll [1]
=> aeoffice_gwf.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeoffice_gwf.dat [1]
=> aepack.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aepack.dll [1]
=> aerdl.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aerdl.dll [1]
=> aesbx.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aesbx.dll [1]
=> aescn.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aescn.dll [1]
=> aescript.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aescript.dll [1]
=> aeset.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aeset.dat [1]
=> aevdf.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aevdf.dat [1]
=> aevdf.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\aevdf.dll [1]
=> amswsccomm.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\amswsccomm.dll [1]
=> ams_setup.exe -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\ams_setup.exe [1]
=> apcfile.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\apcfile.dll [1]
=> apchash.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\apchash.dll [1]
=> avupdate-savapilib-engine.conf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\avupdate-savapilib-engine.conf [1]
=> avupdate.exe -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\avupdate.exe [1]
=> avupdate_msg.avr -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\avupdate_msg.avr [1]
=> cacert.crt -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\cacert.crt [1]
=> AMSAgent.exe -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\AMSAgent.exe [1]
=> AMSProtectedService.exe -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\AMSProtectedService.exe [1]
=> concrt140.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\concrt140.dll [1]
=> mfc140u.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\mfc140u.dll [1]
=> msvcp140.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\msvcp140.dll [1]
=> vcruntime140.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\vcruntime140.dll [1]
=> amselam.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\win32\win10RS6\amselam.sys [1]
=> win10RS6 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\win32\win10RS6 [1]
=> win32 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\win32 [1]
=> amselam.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\win64\win10RS6\amselam.sys [1]
=> win10RS6 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\win64\win10RS6 [1]
=> win64 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl\win64 [1]
=> elam_ppl -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\elam_ppl [1]
=> README -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\README [1]
=> avgio.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avgio.dll [1]
=> avgntflt.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avgntflt.cat [1]
=> avgntflt.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avgntflt.inf [1]
=> avgntflt.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avgntflt.sys [1]
=> avipbb.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avipbb.cat [1]
=> avipbb.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avipbb.inf [1]
=> avipbb.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avipbb.sys [1]
=> avkmgr.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avkmgr.cat [1]
=> avkmgr.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avkmgr.inf [1]
=> avkmgr.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7\avkmgr.sys [1]
=> win7 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win7 [1]
=> avgio.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avgio.dll [1]
=> avgntflt.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avgntflt.cat [1]
=> avgntflt.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avgntflt.inf [1]
=> avgntflt.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avgntflt.sys [1]
=> avipbb.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avipbb.cat [1]
=> avipbb.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avipbb.inf [1]
=> avipbb.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avipbb.sys [1]
=> avkmgr.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avkmgr.cat [1]
=> avkmgr.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avkmgr.inf [1]
=> avkmgr.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8\avkmgr.sys [1]
=> win8 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32\win8 [1]
=> win32 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win32 [1]
=> avgio.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avgio.dll [1]
=> avgntflt.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avgntflt.cat [1]
=> avgntflt.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avgntflt.inf [1]
=> avgntflt.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avgntflt.sys [1]
=> avipbb.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avipbb.cat [1]
=> avipbb.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avipbb.inf [1]
=> avipbb.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avipbb.sys [1]
=> avkmgr.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avkmgr.cat [1]
=> avkmgr.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avkmgr.inf [1]
=> avkmgr.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7\avkmgr.sys [1]
=> win7 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win7 [1]
=> avgio.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avgio.dll [1]
=> avgntflt.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avgntflt.cat [1]
=> avgntflt.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avgntflt.inf [1]
=> avgntflt.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avgntflt.sys [1]
=> avipbb.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avipbb.cat [1]
=> avipbb.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avipbb.inf [1]
=> avipbb.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avipbb.sys [1]
=> avkmgr.cat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avkmgr.cat [1]
=> avkmgr.inf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avkmgr.inf [1]
=> avkmgr.sys -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8\avkmgr.sys [1]
=> win8 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64\win8 [1]
=> win64 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access\win64 [1]
=> on_access -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\on_access [1]
=> productname.dat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\productname.dat [1]
=> savapi.conf -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapi.conf [1]
=> savapi.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapi.dll [1]
=> savapi.exe -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapi.exe [1]
=> savapiclient.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapiclient.dll [1]
=> savapi_post.bat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapi_post.bat [1]
=> savapi_pre.bat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapi_pre.bat [1]
=> savapi_pretest.bat -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapi_pretest.bat [1]
=> savapi_restart.exe -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapi_restart.exe [1]
=> savapi_stub.exe -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\savapi_stub.exe [1]
=> vdfupd.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\vdfupd.dll [1]
=> xvdfmerge.dll -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0\xvdfmerge.dll [1]
=> SAVAPI 5.0.0 -- C:\PROGRA~3\TotalAV\updates\SAVAPI 5.0.0 [1]
=> updates -- C:\PROGRA~3\TotalAV\updates [1]
 

Compartilhar este post


Link para o post
Compartilhar em outros sites

@Juliana Lira

 

  1. Click the Start menu, then right-click This PC and select Properties.

  2. In Properties, select Advanced system settings.

  3. Go to the System Protection tab and, under System Restore, choose Create.

  4. Then just follow the on-screen instructions to create your restore point.

    NOTE: Remember to give it an easy-to-understand name for a later restore from this point.

Press the Windows + R keys and type: msconfig

- Click the Services tab, check Hide all Microsoft services, and then click Disable all
- Click the Startup tab and click Open Task Manager
- Right-click each startup entry and click Disable.

Return to the System Configuration window and click Apply, then OK.

Follow the prompts until you are asked to restart.

After that, let me know whether the malware-related problems still persist.


@Elias Pereira

 

The computer got much lighter at startup. However, I ran Malwarebytes and it found this:

 

Malwarebytes
www.malwarebytes.com

-Detalhes do Relatório-
Data da análise: 18/05/2020
Hora da análise: 19:42
Arquivo de relatório: d85f20c4-9958-11ea-8b9d-54bf644aa7ba.json

-Informações do Software-
Versão: 4.1.0.56
Versão de componentes: 1.0.835
Versão do pacote de definições: 1.0.24068
Licença: Gratuita

-Informações do Sistema-
Sistema operacional: Windows 10 (Build 17763.1217)
CPU: x64
Sistema de arquivos: NTFS
Usuário: JULIANALIRA\julii

-Resumo da Análise-
Tipo de análise: Análise de Ameaças
Análise Iniciada Por: Manual
Resultado: Concluída
Objetos verificados: 325114
Ameaças detectadas: 20
Ameaças em quarentena: 20
Tempo decorrido: 6 min, 59 seg

-Opções da Análise-
Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Desabilitado
Heurística: Habilitado
Programa Potencialmente Indesejado: Detetar
PUM: Detetar

-Detalhes da Análise-
Processo: 0
(Nenhum item malicioso detectado)

Módulo: 0
(Nenhum item malicioso detectado)

Chave de registro: 5
RiskWare.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\R@1n-KMS\Office15ProPlus, Quarentena, 3711, 820459, , , , 
RiskWare.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D7731588-3DF8-4DA2-BEAE-F87402CF518D}, Quarentena, 3711, 820459, , , , 
RiskWare.KMS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D7731588-3DF8-4DA2-BEAE-F87402CF518D}, Quarentena, 3711, 820459, , , , 
PUP.Optional.TotalAV, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\TotalAV_RASAPI32, Quarentena, 1669, 795108, 1.0.24068, , ame, 
PUP.Optional.TotalAV, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\TotalAV_RASMANCS, Quarentena, 1669, 795108, 1.0.24068, , ame, 

Valor de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Fluxo de dados: 0
(Nenhum item malicioso detectado)

Pasta: 3
PUP.Optional.TotalAV, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV\5.0.0, Quarentena, 1669, 795099, , , , 
PUP.Optional.TotalAV, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\TOTALAV, Quarentena, 1669, 795099, 1.0.24068, , ame, 
RiskWare.KMS, C:\WINDOWS\SYSTEM32\TASKS\R@1N-KMS, Quarentena, 3711, 820459, 1.0.24068, , ame, 

Arquivo: 12
PUP.Optional.TotalAV, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV\5.0.0\avira32redist.zip, Quarentena, 1669, 795099, , , , 
PUP.Optional.TotalAV, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV\vdf_1583500348.zip, Quarentena, 1669, 795099, , , , 
PUP.Optional.TotalAV, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV\vdf_1585139152.zip, Quarentena, 1669, 795099, , , , 
RiskWare.KMS, C:\Windows\System32\Tasks\R@1n-KMS\Office15ProPlus, Quarentena, 3711, 820459, , , , 
PUP.Optional.TotalAV, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\32ECFD446F9BFE4C.VIR, Quarentena, 1669, 795109, 1.0.24068, , ame, 
PUP.Optional.TotalAV, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\9C22EFD6E7565AC9.VIR, Quarentena, 1669, 795109, 1.0.24068, , ame, 
PUP.Optional.TotalAV, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\0BA885BFCEDAB902.VIR, Quarentena, 1669, 795109, 1.0.24068, , ame, 
PUP.Optional.TotalAV, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\770009716301FCFB.VIR, Quarentena, 1669, 795109, 1.0.24068, , ame, 
PUP.Optional.TotalAV, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\B4BFD79827383947.VIR, Quarentena, 1669, 795109, 1.0.24068, , ame, 
PUP.Optional.TotalAV, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\B6387528BC25F125.VIR, Quarentena, 1669, 795109, 1.0.24068, , ame, 
PUP.Optional.TotalAV, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\DE552A73ED6D5ABD.VIR, Quarentena, 1669, 795109, 1.0.24068, , ame, 
Malware.Generic.3691863201, C:\USERS\JULII\ONEDRIVE\DESKTOP\ZA-SCAN.EXE, Quarentena, 1000000, 0, 1.0.24068, 4EEA4435C23F6067DC0D5CA1, dds, 00725646

Setor físico: 0
(Nenhum item malicioso detectado)

Instrumentação do Windows (WMI): 0
(Nenhum item malicioso detectado)


(end)


@Juliana Lira

 

It found an Office activator and infections that were in RogueKiller's quarantine. Run it again and remove the entries.

Other than that, everything is fine.


KEEP THE OS UP TO DATE:
Keep Windows updates set to "automatic". New security holes are discovered frequently. Much malware exploits these holes, infecting systems without depending on any action by the user. Microsoft fixes these holes through updates. That is why it is essential to keep your system up to date.

If you have no further malware-related problems, click Report Post at the top of the page and say that your topic is RESOLVED. If you have any question related to computing and technology, feel free to post in any area of CdH.


Problem solved!

If the author needs it, the topic will be reopened; to do so, they must contact a Security Analyst or Coordinator to request that it be unlocked.

 
