I have a hijacker on my PC... how do I remove it?

#1 By Nickolas1993 31/07/2020 - 23:32
I ran Nicolas Coolman's DNS repair and it detected the hijackers shown in the picture, and now do I need some program to remove them? I can't remove them with DNS Repair; it may be the version, and I couldn't find another one. I need help removing all of these hijackers. It was this program, dnsapi.dll. I'll post a picture; can someone help me?

How can I remove these hijackers?

#2 By joram 01/08/2020 - 08:12
/!\ Good morning, Nickolas1993! /!\

http://www.hardware.com.br/comunidade/v-t/1226830/

Follow the official recommendations in this topic and post: FRST.txt + Addition.txt

[Image] << ( ... by Farbar )

PS: It is essential that FRST.exe be downloaded to the desktop!

Make the reports available on Cjoint.com or use a spoiler; the instructions for that are at the end of that page.
Another option: host the reports on Hébergement de fichiers, Security-x.fr.

[Regards]
#3 By TRONNER 01/08/2020 - 09:01
Before suggesting any solution: are you experiencing any problem with the computer?!
#6 By joram 01/08/2020 - 20:49
/!\ Good evening, Nickolas1993! /!\

> Uninstall: <7>

>> Registry Doctor (Shareware Version) (HKLM-x32\...\Registry Doctor (Shareware Version)_is1) (Version: 1.00 - © Optimize Your PC)
>> SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.9.15.197 - EnigmaSoft Limited)
>> Malware Eraser versão 1.2 (HKLM-x32\...\{D382E642-7EA5-4754-8DEB-1F9E931FF85F}_is1) (Version: 1.2 - TCPmonitor.altervista.org)
>> Mz 7 Optimizer (HKLM\...\Mz7Optimizer_is1) (Version: 1.1.0 - Mz 7 Optimizer)
>> Network Mechanic (HKLM-x32\...\Network Mechanic) (Version: 3.1 - Benutec Software, INC)
>> Throttle (HKLM-x32\...\Throttle_is1) (Version: 8.7.13.2020 - PGWARE LLC)
>> WinLib Toolbar Cleaner (HKLM-x32\...\WinLib Toolbar Cleaner_is1) (Version: - WinLib LLC)
>
>
> Copy the information in the spoiler into Notepad.
> Save it with the name fixlist. << Text or Unicode, if asked!
> Save it to the desktop!
> Move FRST to the desktop! (Running from C:\Users\HP\Downloads) << Wrong directory!

"fixlist"
start::
CloseProcesses:
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Secure Hunter LLC -> SecureHunter LLC) [Arquivo não assinado] C:\Program Files (x86)\SecureHunter\AntiMalwarePro\bin\shrtsrv.exe
Tcpip\..\Interfaces\{31BCF75D-3188-4041-ACD8-2F43FA8245E5}: [NameServer] 4.2.2.1,4.2.2.2
Tcpip\..\Interfaces\{F7250A6F-4E0E-498A-9BAE-A4829A3F41C8}: [NameServer] 4.2.2.1,4.2.2.2
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [12419128 2020-07-30] (EnigmaSoft Limited -> EnigmaSoft Limited)
S2 luminati_net_updater_win_megacubo_tv; C:\Users\HP\AppData\Roaming\Megacubo\305B\net_updater64.exe [2700624 2020-07-29] (Luminati Networks -> Luminati Networks Ltd.)
R2 Secure Hunter Service; C:\Program Files (x86)\SecureHunter\AntiMalwarePro\bin\shrtsrv.exe [47872 2016-11-22] (Secure Hunter LLC -> SecureHunter LLC) [Arquivo não assinado]
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [526904 2020-07-30] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2020-07-31 23:17 - 2020-07-31 23:17 - 000028376 _____ C:\ComboFix.txt
2020-07-31 23:08 - 2011-06-26 03:45 - 000256000 _____ C:\Windows\PEV.exe
2020-07-31 23:08 - 2010-11-07 14:20 - 000208896 _____ C:\Windows\MBR.exe
2020-07-31 23:08 - 2009-04-20 01:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2020-07-31 23:08 - 2000-08-30 21:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2020-07-31 23:08 - 2000-08-30 21:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2020-07-31 23:08 - 2000-08-30 21:00 - 000098816 _____ C:\Windows\sed.exe
2020-07-31 23:08 - 2000-08-30 21:00 - 000080412 _____ C:\Windows\grep.exe
2020-07-31 23:08 - 2000-08-30 21:00 - 000068096 _____ C:\Windows\zip.exe
2020-07-31 23:07 - 2020-07-31 23:17 - 000000000 ____D C:\Qoobox
2020-07-31 23:07 - 2020-07-31 23:15 - 000000000 ____D C:\Windows\erdnt
2020-07-31 23:06 - 2020-07-31 23:07 - 005659583 ____R (Swearware) C:\Users\HP\Downloads\ComboFix.exe
2020-07-30 19:35 - 2020-08-01 12:47 - 000076744 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-07-30 19:35 - 2020-07-30 19:35 - 000001014 _____ C:\Users\Todos os Usuários\Desktop\SpyHunter5.lnk
2020-07-30 19:35 - 2020-07-30 19:35 - 000001014 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-07-30 19:35 - 2020-07-30 19:35 - 000001014 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2020-07-30 19:35 - 2020-07-30 19:35 - 000000000 ____D C:\Users\Todos os Usuários\EnigmaSoft Limited
2020-07-30 19:35 - 2020-07-30 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-07-30 19:35 - 2020-07-30 19:35 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-07-30 19:34 - 2020-07-30 19:35 - 000000000 ____D C:\sh5ldr
2020-07-30 19:28 - 2020-07-30 19:28 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-07-30 19:27 - 2020-07-30 19:28 - 006455520 _____ (EnigmaSoft Limited) C:\Users\HP\Downloads\SpyHunter-Installer.exe
2020-07-30 18:11 - 2020-07-30 18:11 - 000000000 ____D C:\Program Files\Trojan Killer
2020-07-30 18:10 - 2020-07-30 18:10 - 000001010 _____ C:\Users\Todos os Usuários\Desktop\Trojan Killer.lnk
2020-07-30 18:10 - 2020-07-30 18:10 - 000001010 _____ C:\Users\Public\Desktop\Trojan Killer.lnk
2020-07-30 18:10 - 2020-07-30 18:10 - 000001010 _____ C:\ProgramData\Desktop\Trojan Killer.lnk
2020-07-30 18:09 - 2020-07-30 18:23 - 000000000 ____D C:\Program Files (x86)\Trojan Killer
2020-07-30 17:57 - 2020-07-30 18:53 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2020-07-30 17:57 - 2020-07-30 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2020-07-30 17:57 - 2020-07-30 17:57 - 000000000 ____D C:\Users\Todos os Usuários\GridinSoft
2020-07-30 17:57 - 2020-07-30 17:57 - 000000000 ____D C:\ProgramData\GridinSoft
2020-07-30 17:56 - 2020-01-17 16:24 - 000000509 _____ C:\Users\HP\Desktop\readme.txt
2020-07-30 17:48 - 2020-07-30 17:59 - 080169795 _____ C:\Users\HP\Downloads\Trojan Killer [Portable Edition] 2.1.30 [MrSzzS].zip
2020-07-30 17:45 - 2020-07-30 17:56 - 090289118 _____ C:\Users\HP\Downloads\GridinSoft Anti-Malware 4.1.45.4945 [MrSzzS].zip
2020-07-29 20:49 - 2020-07-30 22:09 - 000000000 ____D C:\Users\HP\AppData\Local\megacubo
2020-07-28 00:27 - 2020-07-28 00:27 - 000001134 _____ C:\Users\Todos os Usuários\Desktop\Megacubo.lnk
2020-07-28 00:27 - 2020-07-28 00:27 - 000001134 _____ C:\Users\Public\Desktop\Megacubo.lnk
2020-07-28 00:27 - 2020-07-28 00:27 - 000001134 _____ C:\ProgramData\Desktop\Megacubo.lnk
2020-07-28 00:27 - 2020-07-28 00:27 - 000000000 ____D C:\Users\HP\AppData\Roaming\Megacubo
2020-07-28 00:27 - 2020-07-28 00:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo
2020-07-27 08:03 - 2020-07-27 08:04 - 000000000 ____D C:\Program Files (x86)\Malware Scan
2020-07-27 07:53 - 2020-07-27 18:26 - 000000000 ____D C:\Users\Todos os Usuários\Documents\Wise Anit Malware
2020-07-27 07:53 - 2020-07-27 18:26 - 000000000 ____D C:\Users\Public\Documents\Wise Anit Malware
2020-07-27 07:53 - 2020-07-27 18:26 - 000000000 ____D C:\ProgramData\Documents\Wise Anit Malware
2020-07-27 07:52 - 2020-07-27 07:52 - 000000000 ____D C:\Program Files\Wise
2020-07-27 07:48 - 2020-07-27 07:51 - 077049444 _____ C:\Users\HP\Downloads\Wise.Anti.Malware.PRO.2.1.8.106.zip
2020-07-27 07:40 - 2020-07-30 18:23 - 000000000 ____D C:\Users\HP\Desktop\PCHunter_free
2020-07-27 06:51 - 2020-07-27 06:51 - 000000000 ____D C:\Program Files (x86)\SecureHunter
2020-07-27 06:50 - 2020-07-27 06:51 - 022610038 _____ C:\Users\HP\Downloads\SecureHunterProSetup.zip
2020-07-27 06:45 - 2020-07-27 06:55 - 000000000 ____D C:\Users\HP\AppData\Local\Xvirus
2020-07-27 06:45 - 2020-07-27 06:45 - 000000000 ____D C:\Users\HP\AppData\Roaming\xvirusam
2020-07-27 06:44 - 2020-07-27 06:55 - 000000000 ____D C:\Program Files (x86)\Xvirus Anti-Malware
2020-07-27 06:44 - 2020-07-27 06:44 - 002984960 _____ (Xvirus) C:\Users\HP\Downloads\xvirus-setup.exe
2020-07-27 06:34 - 2020-07-27 06:34 - 000840422 _____ (WinLib LLC ) C:\Users\HP\Downloads\WinLib_ToolbarCleaner_Trial.exe
2020-07-27 06:34 - 2020-07-27 06:34 - 000000000 ____D C:\Program Files (x86)\WinLib LLC
2020-07-27 06:27 - 2020-07-27 06:28 - 000000785 _____ C:\rapport.txt
2020-07-27 06:27 - 2020-07-27 06:28 - 000000000 _____ C:\Windows\SysWOW64\tmp.txt
2020-07-27 06:26 - 2020-07-27 06:26 - 000000724 _____ C:\abtext.txt
2020-07-27 06:25 - 2020-07-27 06:28 - 000000000 ____D C:\Users\HP\Downloads\SmitfraudFix
2020-07-27 06:23 - 2020-07-27 06:37 - 000003136 _____ C:\Windows\system32\Tasks\GridinSoft Anti-Ransomware
2020-07-27 06:22 - 2020-07-27 06:22 - 003668968 _____ (GridinSoft, LLC. ) C:\Users\HP\Downloads\anti-ransomware.exe
2020-07-27 06:14 - 2020-07-27 06:14 - 002105973 _____ C:\Users\HP\Downloads\SpyDLLRemover(3).zip
2020-07-27 06:14 - 2020-07-27 06:14 - 002105973 _____ C:\Users\HP\Downloads\SpyDLLRemover(2).zip
2020-07-27 05:56 - 2020-07-31 23:22 - 000000000 ____D C:\AdwCleaner
2020-07-27 05:55 - 2020-07-27 05:56 - 008414384 _____ (Malwarebytes) C:\Users\HP\Downloads\adwcleaner_8.0.7.exe
2020-07-27 05:52 - 2020-07-27 05:52 - 000000000 ____D C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
2020-07-27 05:52 - 2020-07-27 05:52 - 000000000 ____D C:\Program Files (x86)\SDHelper (Spybot - Search & Destroy)
2020-07-27 05:52 - 2020-07-27 05:52 - 000000000 ____D C:\Program Files (x86)\Misc. Support Library (Spybot - Search & Destroy)
2020-07-27 05:52 - 2020-07-27 05:52 - 000000000 ____D C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy)
2020-07-27 05:49 - 2020-07-27 05:57 - 000000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy
2020-07-27 05:49 - 2020-07-27 05:57 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-07-27 05:49 - 2020-07-27 05:57 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2020-07-27 05:49 - 2020-07-27 05:49 - 004354084 _____ (Safer Networking Limited ) C:\Users\HP\Downloads\spybotsd13.exe
2020-07-27 05:21 - 2020-07-27 05:21 - 000532480 _____ (Trend Micro Incorporated) C:\Users\HP\Downloads\cwshredder.exe
2020-07-27 05:20 - 2020-07-27 05:21 - 000000259 _____ C:\Users\HP\Downloads\noadware.zip
2020-07-27 05:04 - 2020-07-27 05:06 - 000000000 ____D C:\Users\HP\AppData\Local\Remove Toolbar Buddy
2020-07-27 05:04 - 2020-07-27 05:04 - 000000000 ____D C:\Program Files (x86)\Scorpio Software
2020-07-27 05:03 - 2020-07-27 05:03 - 004860728 _____ (Scorpio Software ) C:\Users\HP\Downloads\RemoveToolbarBuddy6.1.exe
2020-07-27 04:50 - 2020-07-27 04:51 - 015262304 _____ (Sorentio Systems Ltd. ) C:\Users\HP\Downloads\S4BToolbarCleaner.exe
2020-07-27 03:56 - 2011-02-26 05:41 - 000000452 _____ C:\Users\HP\Desktop\Readme.html
2020-07-27 03:55 - 2020-07-27 03:55 - 002105973 _____ C:\Users\HP\Downloads\SpyDLLRemover(1).zip
2020-07-27 03:54 - 2020-07-27 03:55 - 002105973 _____ C:\Users\HP\Downloads\SpyDLLRemover.zip
2020-07-27 01:38 - 2020-07-27 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Doctor
2020-07-27 01:37 - 2020-07-27 01:38 - 002050065 _____ C:\Users\HP\Downloads\rdsetup.exe
2020-07-27 01:31 - 2020-07-30 18:23 - 000000000 ____D C:\Users\Todos os Usuários\MacPaw Inc
2020-07-27 01:31 - 2020-07-30 18:23 - 000000000 ____D C:\ProgramData\MacPaw Inc
2020-07-27 01:30 - 2020-07-27 01:31 - 028945224 _____ (MacPaw, Inc. ) C:\Users\HP\Downloads\CleanMyPC.exe
2020-07-27 01:16 - 2020-07-27 01:17 - 003980210 _____ (Rad Corporation) C:\Users\HP\Downloads\rad-kk.exe
2020-07-27 01:16 - 2020-07-27 01:17 - 000000000 ____D C:\Program Files (x86)\Malware Eraser
2020-07-27 01:16 - 2020-07-27 01:16 - 001214902 _____ (TCPmonitor.altervista.org ) C:\Users\HP\Downloads\Malware_Eraser_Setup1.2.exe
2020-07-27 01:16 - 2020-07-27 01:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Eraser
2020-07-27 01:14 - 2020-07-27 01:14 - 002801055 _____ C:\Users\HP\Downloads\pcttFixTool.zip
2020-07-27 01:14 - 2020-07-27 01:14 - 000000000 ____D C:\Users\HP\AppData\Roaming\PCTools
2020-07-27 01:12 - 2020-07-27 01:12 - 000000000 ____D C:\Users\Todos os Usuários\ESET
2020-07-27 01:12 - 2020-07-27 01:12 - 000000000 ____D C:\ProgramData\ESET
2020-07-27 01:11 - 2020-07-27 01:11 - 000000000 ____D C:\Users\HP\AppData\Local\VirCleaner
2020-07-27 01:10 - 2020-07-27 01:10 - 003238369 _____ C:\Users\HP\Downloads\VirCleaner.zip
2020-07-27 01:10 - 2020-07-27 01:10 - 002991832 _____ (ESET) C:\Users\HP\Downloads\ERARemover_x64.exe
2020-07-27 01:09 - 2020-07-27 01:09 - 000008888 _____ C:\Users\HP\Downloads\MalWareSpy.zip
2020-07-27 01:07 - 2020-07-27 01:07 - 000237056 _____ (SC BitDefender , Romania) C:\Users\HP\Downloads\ZbotRemovalTool.exe
2020-07-27 01:06 - 2020-07-27 01:06 - 000000000 ____D C:\Program Files (x86)\NoVirusThanks
2020-07-27 01:05 - 2020-07-27 01:05 - 001699163 _____ (NoVirusThanks Company Srl ) C:\Users\HP\Downloads\NVTArk_Free_Setup.exe
2020-07-27 00:54 - 2020-07-27 00:55 - 002698691 _____ C:\Users\HP\Downloads\RunPEDetectorV2.zip
2020-07-27 00:48 - 2020-07-27 00:48 - 000061440 _____ (Sergiwa Software - www.sergiwa.com) C:\Users\HP\Downloads\PRT.exe
2020-07-27 00:46 - 2020-07-27 00:46 - 001927226 _____ C:\Users\HP\Downloads\Baixaki_MV Antivirus and Internet Security 2013.msi
2020-07-27 00:42 - 2020-07-27 00:42 - 003140040 _____ (Software ) C:\Users\HP\Downloads\Baixaki_MV Antivirus and Internet Security 2013_1504909455.exe
2020-07-27 00:42 - 2020-07-27 00:42 - 001811993 _____ (Lunarsoft ) C:\Users\HP\Downloads\Anti-Malware_Toolkit_Setup.exe
2020-07-27 00:42 - 2020-07-27 00:42 - 000000000 ____D C:\Users\HP\AppData\Local\Lunarsoft
2020-07-27 00:00 - 2020-07-27 00:00 - 000249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2020-07-27 00:00 - 2020-07-27 00:00 - 000073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2020-07-27 00:00 - 2020-07-27 00:00 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TCSpeedBooster
2020-07-27 00:00 - 2020-07-27 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TCSpeedBooster
2020-07-27 00:00 - 2020-07-27 00:00 - 000000000 ____D C:\Program Files (x86)\TCSpeedBooster
2020-07-26 23:59 - 2020-07-27 00:00 - 002758395 _____ C:\Users\HP\Downloads\TCSpeedBooster.zip
2020-07-26 18:40 - 2020-07-26 18:40 - 002676208 _____ C:\Users\HP\Downloads\nettweakpro.exe
2020-07-26 18:40 - 2020-07-26 18:40 - 001065505 _____ C:\Users\HP\Downloads\MemBoost_1959(1).zip
2020-07-26 18:39 - 2020-07-26 18:40 - 001065505 _____ C:\Users\HP\Downloads\MemBoost_1959.zip
2020-07-26 18:31 - 2020-07-26 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M Internet Optimizer
2020-07-26 18:31 - 2020-07-26 18:31 - 000000000 ____D C:\Windows\M Internet Optimizer
2020-07-26 18:30 - 2020-07-26 18:31 - 003768793 _____ C:\Users\HP\Downloads\MInternetOptimizer2.0.rar
2020-07-26 18:29 - 2020-07-26 18:30 - 003832958 _____ (PGWARE LLC ) C:\Users\HP\Downloads\throttle.exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
FirewallRules: [{81440807-D47C-4D2A-B8B2-1D42DC009201}] => (Allow) C:\Users\HP\AppData\Roaming\Megacubo\305B\megacubo.exe (The NW.js Community) [Arquivo não assinado]
FirewallRules: [{F4E1D587-B5C0-4E5E-9DD0-FE272A612BE7}] => (Allow) C:\Users\HP\AppData\Roaming\Megacubo\305B\megacubo.exe (The NW.js Community) [Arquivo não assinado]
C:\Program Files (x86)\SecureHunter\AntiMalwarePro\bin\shrtsrv.exe
C:\Program Files (x86)\SecureHunter\AntiMalwarePro
C:\Program Files (x86)\SecureHunter
CMD: ipconfig /flushdns
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end::


> Run FRST/FRST64 >> Click "Fix" << Wait!
> Post the report "Fix result of Farbar Recovery Scan Tool". (Fixlog.txt)
> This and other reports can be found in the folder: Local Disk (C) > FRST > Logs

< I ask visitors not to use this script on other computers, at the risk of damaging them! >

[]s
#7 By joram 02/08/2020 - 00:01
/!\ Good evening, Nickolas1993! /!\

> The file (dnsapi.dll) may have been corrupted, since it is legitimate.

NB: This software is no longer maintained !

> I am editing this post to include some information about Nicolas Coolman's "RepairDNS", which was discontinued because it produced many false positives.
> The ZHPCleaner tool, by the same author, tends to flag legitimate network settings,
[MD5.9B86DF86D1EFF32893BC3FB49BFAA993] - 08/06/2018 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\System32\dnsapi.dll [357888] [Unsigned] =>.Microsoft Corporation
[MD5.4A35D7B172AFF9C6B362D7297568836A] - 08/06/2018 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\Syswow64\dnsapi.dll [269824] [Unsigned] =>.Microsoft Corporation

> PS: These are the file's correct signatures when they are installed by Microsoft.

> Download: < [Image] > < [Image] > ( ... by Nicolas Coolman )

https://nicolascoolman.eu/


> Or from here!
> Once on the page, click: Télécharger
> Save it to the desktop! ( ZHPDiag3 )

> Close the browser!
> Run ZHPDiag3.exe as administrator to install the tool!

> When this screen appears, avoid clicking Update! Close it by clicking the [X].

> Click Scanner.

> Wait for it to finish! ( ... from 1% to 100% )

> Next, click Report.
> The report will be available in html format.
file:///C:/Users/xxx.../AppData/Roaming/ZHP/ZHPDiag.html
file:///C:/Users/xxx.../AppData/Roaming/ZHP/ZHPDiag.txt
This will be your direct report, obtained by changing (.html) to (.txt) in the address bar.
Then just select all (ctrl + A), copy (ctrl + C) and paste into your post or Notepad. (ctrl + V)

> Copy it into Notepad.
> Post it in your reply! (~ Mode: Scanner)
> PS: As the log will be long, host it on Pjjoint.malekal.
> Or go to: < 1fichier.com >

> Or go to: < [Image] >

> Click the Parcourir... button.
> Find the report on the desktop.
> Click the Open button.
> Click the "Créer le lien Cjoint" button.
> Copy the link next to "Le lien a été créé" and post it in your reply.

> Or click "Copier le lien (*)" and paste the link into your post, using a spoiler.

[]s
#9 By joram 02/08/2020 - 22:32
/!\ Good evening, Nickolas1993! /!\
[MD5.9B86DF86D1EFF32893BC3FB49BFAA993] - 08/06/2018 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\System32\dnsapi.dll [357888] [Unsigned] =>.Microsoft Corporation
[MD5.4A35D7B172AFF9C6B362D7297568836A] - 08/06/2018 - (.Microsoft Corporation - DLL da API de cliente DNS.) -- C:\Windows\Syswow64\dnsapi.dll

> The signatures of the dnsapi.dll file in your log do not differ from the one I gave you!
> Therefore, any indication that the file is a Trojan.DNSChanger is a false positive.

> Download: < [Image] >
http://www.commentcamarche.net/download/telecharger-34102185-zhpfix

> Or here!
> Once on the page, click: "Télécharger"
> Save it to the desktop!
> Install it by clicking: Suivant >> Suivant >>...>> Suivant >> Suivant >> Installer >> Terminer
PS: If a Windows message appears with the phrase "Do you want to allow this program from an unknown publisher to make changes to this computer?", click "Yes"

> Run this script in the ZHPFix tool.

[spoiler]Script ZHPFix
EmptyPrefetch
EmptyClsid
EmptyFlash
EmptyTemp
FirewallRaz
ShortcutFix
Ifeofix
sysrestore
SR - Demand [00/00/0000] [ 0] efavdrv (efavdrv) . (...) - C:\Windows\system32\drivers\efavdrv.sys (.not file.) [Unsigned]
SR - Demand [00/00/0000] [ 0] EnigmaFileMonDriver Mini-Filter Driver (EnigmaFileMonDriver) . (...) - C:\Windows\System32\drivers\EnigmaFileMonDriver.sys (.not file.) [Unsigned]
SR - Demand [00/00/0000] [ 0] (VGPU) . (...) - C:\Windows\System32\drivers\rdvgkmd.sys (.not file.) [Unsigned]
O4 - GS\Quicklaunch [Administrador]: Megacubo.lnk . (...) C:\Users\HP\AppData\Roaming\Megacubo\305B\megacubo.exe --disable-crash-handler=true [Unsigned]
O4 - GS\Quicklaunch [Convidado]: Megacubo.lnk . (...) C:\Users\HP\AppData\Roaming\Megacubo\305B\megacubo.exe --disable-crash-handler=true [Unsigned]
O42 - Logiciel: SpyHunter 5 - (.EnigmaSoft Limited.) [HKLM][64Bits] -- SpyHunter5 [Unsigned] =>.EnigmaSoft Limited
HKLM\SOFTWARE\EnigmaSoft =>.Enigma Software Group, LLC
HKCU\SOFTWARE\Baixaki =>.Baixaki
HKLM\SOFTWARE\WOW6432Node\Swearware =>.Swearware
HKU\S-1-5-21-1462356998-1902129199-331163287-1000\SOFTWARE\Baixaki =>.Baixaki
O43 - CFD: 27/07/2020 - [0] SHD -- C:\Users\HP\AppData\Local\EmieSiteList =>.ATTENTION
O43 - CFD: 27/07/2020 - [0] SHD -- C:\Users\HP\AppData\Local\EmieUserList =>.ATTENTION
O61 - LFC: 2020/08/01 21:45:38 A . (.Gino.) -- C:\Users\HP\Downloads\RepairDNS_2283890330.exe [3783120] {5F91B23C61D7F7200B8CED3CB7679604}.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
[5F91B23C61D7F7200B8CED3CB7679604] [01/08/2020] (.AfterDawn Oy.) - C:\Users\HP\Downloads\RepairDNS_2283890330.exe =>.Not verified
[6D1E78EF225B298534D84245D6ED9494] [01/08/2020] (.H&V Media Limited.) - C:\Users\HP\Downloads\ComIntRep_4058_Setup_1871928857.exe =>.Not verified
[54971FF238D2B866F27FC3FE6C9AD577] [27/07/2020] (.Avira Operations GmbH & Co. KG.) - C:\Users\HP\Downloads\AviraDNSRepairEN.exe =>.Avira Operations GmbH & Co. KG
[3AEA7D79BC1D84D2E1AB0FFC8BC35658] [16/08/2018] (.Avira Operations GmbH & Co. KG.) - C:\Windows\System32\DRIVERS\avkmgr.sys =>.Avira Operations GmbH & Co. KG
[08A2EC4E78A09E174B192E5535984B59] [01/08/2020] (.Malwarebytes Inc.) - C:\Users\HP\Downloads\adwcleaner_8.0.7.exe =>.Malwarebytes Inc
ServiceDemand:EnigmaFileMonDriver
ServiceDemand:efavdrv
ServiceDemand:VGPU
[/spoiler]

> Select and copy the information in the spoiler into Notepad.
> With Notepad open, press: ctrl+a >> ctrl+c ( Select and Copy )
> Next, minimize Notepad.
> Open the ZHPFix tool.

> Click IMPORT >> OK.
> When you click "OK", check that the field is clear, so that it receives only the script's information.
> If you find nothing abnormal, click "GO".

> Or click CONFIGURE >> Customize.
> Paste the information from Notepad into the tool's field.
> Click "GO" >> Oui >> Oui
> Post the report! (C:\Users\Usuário\AppData\Roaming\ZHP\ZHPFix[R1].txt)

< I ask visitors not to use this script on their computers, at the risk of damaging them! >

[]s
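
The check reasoned through in posts #7 and #9 (compare the MD5 of both dnsapi.dll copies with a known reference and treat a match as a false positive), written as an added PowerShell example that is not part of any post in this thread. `Test-SystemDll` is a hypothetical helper name; the reference hashes are the two quoted above and only apply to the same Windows build and patch level, so the script also reports the Windows signature status of each file.

```powershell
# Added example (not from the thread). Test-SystemDll is a hypothetical helper name.
# Run from a 64-bit PowerShell: a 32-bit process has System32 silently
# redirected to SysWOW64, so both checks would read the same file.
if ([Environment]::Is64BitOperatingSystem -and -not [Environment]::Is64BitProcess) {
    throw 'Run this from a 64-bit PowerShell session.'
}

# Reference MD5 values exactly as quoted in posts #7 and #9.
$reference = [ordered]@{
    (Join-Path $env:SystemRoot 'System32\dnsapi.dll') = '9B86DF86D1EFF32893BC3FB49BFAA993'
    (Join-Path $env:SystemRoot 'SysWOW64\dnsapi.dll') = '4A35D7B172AFF9C6B362D7297568836A'
}

function Test-SystemDll {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedMd5
    )

    # On a 32-bit Windows install the SysWOW64 copy does not exist.
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{
            Path = $Path; Md5 = $null; HashMatch = $false
            SignatureStatus = 'n/a'; SignatureType = 'n/a'; Signer = $null
            Verdict = 'File not found'
        }
    }

    $md5 = (Get-FileHash -LiteralPath $Path -Algorithm MD5).Hash
    # Covers embedded and catalog signatures; system DLLs are usually catalog-signed.
    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    $hashMatch = ($md5 -eq $ExpectedMd5)   # string -eq is case-insensitive
    $sigValid  = ($sig.Status -eq 'Valid') -and $sig.IsOSBinary

    $verdict = if ($sigValid -and $hashMatch) {
        'OK: valid Windows signature and reference hash match'
    } elseif ($sigValid) {
        'Likely OK: valid Windows signature, hash differs (other build or update)'
    } elseif ($hashMatch) {
        'Check: hash matches the reference but signature status is not Valid'
    } else {
        'Investigate: no valid Windows signature and hash differs from reference'
    }

    [pscustomobject]@{
        Path            = $Path
        Md5             = $md5
        HashMatch       = $hashMatch
        SignatureStatus = $sig.Status
        SignatureType   = $sig.SignatureType
        Signer          = $sig.SignerCertificate.Subject
        Verdict         = $verdict
    }
}

# One result object per dnsapi.dll copy.
$reference.GetEnumerator() |
    ForEach-Object { Test-SystemDll -Path $_.Key -ExpectedMd5 $_.Value } |
    Format-List
```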