
segny

Log Analysis Request


Good afternoon,

I have already completed all the procedures requested in the Official Topic.

My problem is an infection.

Here is my log for analysis:

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:24:15, on 17/10/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Windows\TEMP\DPTF\esif_assist.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\Nicolas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\eM Client\MailClient.exe
C:\Program Files (x86)\eM Client\MailClient.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Users\Nicolas\Downloads\HijackThis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?PC=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://internetbanking.caixa.gov.br/SIIBC/index.processa
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131527188466230175&GUID=4171FAB0-00E8-460E-A562-76F06C6E0770
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
O4 - HKLM\..\Run: [unpkcs1132] C:\Program Files (x86)\Common Files\unpkcs11buf\BRZPKCS32.exe -install
O4 - HKLM\..\Run: [unpkcs1164] C:\Program Files (x86)\Common Files\unpkcs11buf\BRZPKCS64.exe -install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Nicolas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: Dell System Manager.lnk = C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
O8 - Extra context menu item: Barra de Ferramentas do RF - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O8 - Extra context menu item: Capturar esta página - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Capturar favorito - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Capturar imagem - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Capturar seleção - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Nova nota - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Personalizar Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Preencher - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: Salvar Formulários - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O9 - Extra button: Preencher - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Preencher - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Salvar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Salvar Formulários - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Exibir Barra de Ferramentas - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Barra de Ferramentas do RF - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O15 - Trusted Zone: http://www.caixa.gov.br
O15 - Trusted Zone: http://www.itau.com.br
O15 - Trusted Zone: http://www.itaupersonnalite.com.br
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} (ObjWinNTCheck Class) - https://172.17.0.4:4343/officescan/console/html/ClientInstall/WinNTChk.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: 724929b6c04a295afad7e34e78c09f4b - Unknown owner - C:\Program Files\724929b6c04a295afad7e34e78c09f4b\18f4a8e3bbd5bc3dc9fd33825f61ae33.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @oem31.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Alps Electric Co., Ltd. - C:\Program Files\DellTPad\HidMonitorSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - c:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - c:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) - Dell Inc. - C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem86.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: IntelUSBoverIP - Intel - C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\System32\drivers\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: The vSnapshot Service (ThevSnapshotService) - Unknown owner - C:\Program Files (x86)\vSnapshot\1.2.0.0\vSnapshotServ.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19912 bytes

 

 


Friend, download MbrScan.exe by Eric_71 > save it to the desktop.

Double-click to run the tool. Click the Scan button. When the scan finishes, click the Report button. A Notepad window will open with the scan results. It is saved to the desktop under the name MbrScan.log.

Select, copy, and paste its contents in your next reply.

Download Farbar Service Scanner and save it to the desktop. Run the tool.

In addition to the checkboxes that are already ticked by default, tick the following:

  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
  • Other Services


Click Scan and wait for the scan to finish. At the end, a log named FSS.txt will be generated; it is saved in the same directory as FSS, that is, on the desktop.

Select, copy, and paste its contents in your next reply.

 


 

 


Hello friend,

Here are the logs:

 

MBRScan v1.1.1

OS             : Windows 8  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 61 Stepping 4, GenuineIntel
BOOT           : Normal Boot
DATE           : 2017/10/17 (ISO 8601) at 16:13:34
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST500LX012-1LM162-SSHD (0001SDM1)
BUS_TYPE       : (0x08)  RAID
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0    465.8 Go  [Fixed] ==> Unknown MBR Code...

MBR_MD5   : 71E7E3737903D01323E9625038AA79F5
MBR_SHA1  : C29FBC475DD6766ED6F324FC2BF4947959CCEAD6

Device\Harddisk0\Partition1    2.00 To      0xEE EFI GPT[1]
________________________________________________________________________________

############################### Additional scan ################################

ADDRESS : 0x6E870000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\System32\drivers\dptf_cpu.sys => Invisible on the disk
ADDRESS : 0x6E8D0000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\USBXHCI.SYS => Invisible on the disk
ADDRESS : 0x6E8E0000
SIZE    : 400.0 Ko

DRIVER  : C:\Windows\system32\drivers\ucx01000.sys => Invisible on the disk
ADDRESS : 0x6E950000
SIZE    : 228.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TeeDriverx64.sys => Invisible on the disk
ADDRESS : 0x6E990000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\e1d65x64.sys => Invisible on the disk
ADDRESS : 0x6E9C0000
SIZE    : 532.0 Ko

DRIVER  : C:\Windows\System32\drivers\O2FJ2w8x64.sys => Invisible on the disk
ADDRESS : 0x6EA50000
SIZE    : 200.0 Ko

DRIVER  : C:\Windows\System32\drivers\SCSIPORT.SYS => Invisible on the disk
ADDRESS : 0x6EA90000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Netwtw04.sys => Invisible on the disk
ADDRESS : 0x97EA0000
SIZE    : 7.53 Mo

DRIVER  : C:\Windows\system32\DRIVERS\wdiwifi.sys => Invisible on the disk
ADDRESS : 0x98630000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\System32\drivers\vwifibus.sys => Invisible on the disk
ADDRESS : 0x986F0000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x98700000
SIZE    : 112.0 Ko

DRIVER  : C:\Windows\System32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x98720000
SIZE    : 476.0 Ko

DRIVER  : C:\Windows\System32\drivers\dptf_acpi.sys => Invisible on the disk
ADDRESS : 0x987A0000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0x987B0000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\System32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x987E0000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Apfiltr.sys => Invisible on the disk
ADDRESS : 0x97E00000
SIZE    : 604.0 Ko

DRIVER  : C:\Windows\System32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0x6EAD0000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\System32\drivers\parport.sys => Invisible on the disk
ADDRESS : 0x6EAF0000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ST_Accel.sys => Invisible on the disk
ADDRESS : 0x6EB10000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0x6EB30000
SIZE    : 224.0 Ko

DRIVER  : C:\Windows\System32\drivers\acpipagr.sys => Invisible on the disk
ADDRESS : 0x6EB70000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x6EB80000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\drivers\CmBatt.sys => Invisible on the disk
ADDRESS : 0x6EB90000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0x6EBA0000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\DellRbtn.sys => Invisible on the disk
ADDRESS : 0x6EBB0000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\drivers\mshidkmdf.sys => Invisible on the disk
ADDRESS : 0x6EBC0000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x6EBD0000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\System32\drivers\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x6EC10000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\NdisVirtualBus.sys => Invisible on the disk
ADDRESS : 0x6ECB0000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x6ECC0000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\drivers\iwdbus.sys => Invisible on the disk
ADDRESS : 0x6ECD0000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdpbus.sys => Invisible on the disk
ADDRESS : 0x6ECE0000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\usbhub.sys => Invisible on the disk
ADDRESS : 0x6D720000
SIZE    : 520.0 Ko

DRIVER  : C:\Windows\System32\drivers\UsbHub3.sys => Invisible on the disk
ADDRESS : 0x6D7B0000
SIZE    : 560.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x6ECF0000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\drivers\RTDVHD64.sys => Invisible on the disk
ADDRESS : 0x6D840000
SIZE    : 2.76 Mo

DRIVER  : C:\Windows\System32\drivers\usbccgp.sys => Invisible on the disk
ADDRESS : 0x6ED00000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\System32\drivers\hidusb.sys => Invisible on the disk
ADDRESS : 0x6F5D0000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\mouhid.sys => Invisible on the disk
ADDRESS : 0x6F5F0000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\win32kbase.sys => Invisible on the disk
ADDRESS : 0x1F250000
SIZE    : 2.02 Mo

DRIVER  : C:\Windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk
ADDRESS : 0x6D5F0000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_iaStorA.sys => Invisible on the disk
ADDRESS : 0x6CDF0000
SIZE    : 2.79 Mo

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x6DB30000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ibtusb.sys => Invisible on the disk
ADDRESS : 0x6DB50000
SIZE    : 236.0 Ko

DRIVER  : C:\Windows\System32\drivers\BTHUSB.sys => Invisible on the disk
ADDRESS : 0x6DB90000
SIZE    : 112.0 Ko

DRIVER  : C:\Windows\System32\drivers\bthport.sys => Invisible on the disk
ADDRESS : 0x6DBB0000
SIZE    : 988.0 Ko

DRIVER  : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x6DCB0000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms2.sys => Invisible on the disk
ADDRESS : 0x6D0C0000
SIZE    : 716.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x1F470000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x1F480000
SIZE    : 260.0 Ko

DRIVER  : C:\Windows\System32\drivers\monitor.sys => Invisible on the disk
ADDRESS : 0x6DD00000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cvusbdrv.sys => Invisible on the disk
ADDRESS : 0x6D180000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x6CCD0000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\WinUSB.SYS => Invisible on the disk
ADDRESS : 0x6CCF0000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\System32\drivers\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x6D1A0000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\scfilter.sys => Invisible on the disk
ADDRESS : 0x6D1E0000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\drivers\wcifs.sys => Invisible on the disk
ADDRESS : 0x6C050000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x6C080000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\drivers\mmcss.sys => Invisible on the disk
ADDRESS : 0x6C390000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\drivers\storqosflt.sys => Invisible on the disk
ADDRESS : 0x6C3B0000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\System32\drivers\registry.sys => Invisible on the disk
ADDRESS : 0x6D600000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\condrv.sys => Invisible on the disk
ADDRESS : 0x6C3D0000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\esif_lf.sys => Invisible on the disk
ADDRESS : 0x6B0A0000
SIZE    : 200.0 Ko

DRIVER  : C:\Windows\system32\drivers\lltdio.sys => Invisible on the disk
ADDRESS : 0x6C030000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\mslldp.sys => Invisible on the disk
ADDRESS : 0x6B0E0000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x6B100000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\drivers\rspndr.sys => Invisible on the disk
ADDRESS : 0x6B120000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndisuio.sys => Invisible on the disk
ADDRESS : 0x6B140000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x6B160000
SIZE    : 560.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x8E600000
SIZE    : 1.08 Mo

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x8E720000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x8E750000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x8E770000
SIZE    : 492.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x8E400000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x8E440000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x8E490000
SIZE    : 736.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x8E550000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\drivers\Ndu.sys => Invisible on the disk
ADDRESS : 0x8E5A0000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x8EFD0000
SIZE    : 792.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x8F0A0000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x8F0C0000
SIZE    : 564.0 Ko

DRIVER  : C:\Windows\System32\drivers\vwifimp.sys => Invisible on the disk
ADDRESS : 0x998C0000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\Drivers\WdNisDrv.sys => Invisible on the disk
ADDRESS : 0x99900000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\drivers\wsddprm.sys => Invisible on the disk
ADDRESS : 0x99990000
SIZE    : 36.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN  NOVGA

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

[/code]

Farbar Service Scanner Version: 27-01-2016
Ran by Nicolas (administrator) on 17-10-2017 at 16:16:06
Running from "C:\Users\Nicolas\Downloads"
Microsoft Windows 10 Pro  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****


Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.


Download ZHPCleaner and save it to the desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/?wpdmdl=2148

Double-click ZHPCleaner.exe.

Click the Scanner button.

The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to examine.

When the scan finishes, click the Repair button.

Once the operation completes, a log will open. If it does not, click the Report button and save the log.

Select, copy and paste the contents of this log into your next reply.

Hello,

I ran ZHPCleaner, but when I clicked "Repair" and "Report" nothing happened. Only this window appeared, with 8 items found...

Good morning!

Here is the log:


~ ZHPCleaner v2017.10.16.183 by Nicolas Coolman (2017/10/16)
~ Run by Nicolas (Administrator)  (18/10/2017 10:14:33)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\Nicolas\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Nicolas\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit  (Build 15063)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Arquivo hosts (1)
~ O arquivo hosts é legítimo (36)


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (4)
ENCONTRADO arquivo: C:\Users\Nicolas\AppData\Roaming\vSnapshot  =>.SUP.vSnapshot
ENCONTRADO arquivo: C:\Program Files (x86)\Dashlane  =>.SUP.Empty
ENCONTRADO arquivo: C:\Program Files (x86)\Miped  =>Adware.Suspect
ENCONTRADO arquivo: C:\Program Files (x86)\Company  =>PUP.Optional.Company


---\\  Registro ( Chaves, Valores, Dados ) (4)
ENCONTRADO chave: HKCU\Software\enjoyWifi []  =>.SUP.EnjoyWiFi
ENCONTRADO chave: HKLM\SYSTEM\CurrentControlSet\Services\IObitUnSvr []  =>.SUP.Elex
ENCONTRADO chave: [X64] HKLM\SOFTWARE\DtsEncodeTools []  =>PUP.Optional.WeatherTool
ENCONTRADO chave: [X64] HKLM\SOFTWARE\Wow6432Node\SrcAAAesom Browser Enhancer []  =>PUP.Optional.Wajam


---\\  Resumo dos elementos encontrados na sua estação de trabalho (8)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.vSnapshot
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect
https://www.nicolascoolman.com/fr/link-657/ =>PUP.Optional.Company
https://nicolascoolman.eu/2017/09/27/adware-enjoywifi/ =>.SUP.EnjoyWiFi
https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.SUP.Elex
https://www.nicolascoolman.com/fr/pup-optional-weathertool =>PUP.Optional.WeatherTool
https://nicolascoolman.eu/2017/02/24/pup-optional-wajam/ =>PUP.Optional.Wajam


---\\ Resultado de reparação
~ Eventuais reparações feita
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 96008
~ Items encontrado : 10
~ items cancelados : 0
~ Items réparo : 0


~ End of search in 00h05mn15s
~====================
ZHPCleaner--17102017-22_05_30.txt
ZHPCleaner--18102017-10_19_48.txt

 


I followed the procedures, but I am still unable to use Repair...


Temporarily disable your antivirus.

Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.

Double-click its icon on the desktop.

  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Check the options below:
  • Enable detection of potentially unwanted applications.
  • Click Hide advanced settings and check:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Change and also check the Computer box.
  • Click Start.
  • It will update itself and scan the computer. Be patient; the process can take hours.
  • When the scan finishes, click List Threats.
  • Click Export to text file and save the log to your desktop.
  • Copy and paste the contents into your next reply.
  • Note: If nothing is found, no log will be generated.
  • Click Back.
  • Click Finish.
Good morning!

Here is the log:


C:\Program Files (x86)\vSnapshot\1.2.0.0\InstallHelper.exe    a variant of Win32/Toptools.I potentially unwanted application    cleaned by deleting
C:\Program Files (x86)\vSnapshot\1.2.0.0\vSnapshotServ.exe    a variant of Win32/Toptools.J potentially unwanted application    cleaned by deleting
C:\Users\Nicolas\AppData\Roaming\1337\Setup-logger.exe    Win64/CoinMiner.FH trojan    cleaned by deleting
C:\Users\Nicolas\Downloads\ccsetup532.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting

 


OK, please follow these instructions:

1 - Update Malwarebytes' Anti-Malware (MBAM)

  • When the update finishes, on the Settings screen, in the Protection tab, enable Scan for rootkits;
  • Then, in the left-hand panel, click Scan. Next, click the Start Scan button;
  • The scan will then begin. Please wait, as it may take a while. When it finishes, a window will open near the clock;
  • In it, click View Results. Leave all entries checked and click the Quarantine button;
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below);
  • The log is saved automatically by MBAM. To export it, click the Reports tab -> Application log in the program's main window after the disinfection has been carried out;
  • Double-click the most recent log and export it as .TXT;
  • Select, copy and paste the entire contents of this log into your next reply.


NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts while the tools below are running.


2 - Download AdwCleaner and save it to the desktop.

http://www.bleepingcomputer.com/download/adwcleaner/dl/125/

Double-click adwcleaner.exe.

Click the Scan button and wait for the scan to finish.

Click the Clean button.

A Notepad window will open with the result. Select, copy and paste its contents into your next reply.

NOTE: If AdwCleaner finds files it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart the PC.


3 - Download JRT and save it to the desktop.

http://downloads.malwarebytes.org/file/jrt

Double-click to run the Junkware Removal Tool (JRT).

The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to examine.

At the end, a log will open. It is saved to the desktop under the name JRT.txt.

Select, copy and paste the contents of this log into your next reply.