joram
Highlander
Registrado
5.4K Mensagens
2.5K Curtidas
/!\ Boa Tarde! felipe-ricardo /!\
< https://www.youtube.com/watch?v=EVOAahNgYgI >
> Já acessou esta dica?
> Desinstale: <3>
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Malwarebytes version 4.6.1.280 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.1.280 - Malwarebytes)
Norton Security Ultra <<
> Copie estas informações que estão na Quote,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto ou Unicode,caso solicite!
> Salve-as ao desktop! ( Área de trabalho ... )
Ver Spoiler
Start::
Comment: All processes will be force closed
CloseProcesses:
Comment: System Protection will be enabled
SystemRestore: On
Comment: New Restore Point will be created
CreateRestorePoint:
Comment: All network proxies will be removed
RemoveProxy:
AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(explorer.exe ->) () [Arquivo não assinado] C:\Users\felip\Downloads\CKScanner.exe
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrição <==== ATENÇÃO
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
Task: {D3B1DCA9-862B-44FB-A8A2-4A8F1DB24E03} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (Nenhum Arquivo)
Task: {DE9433EE-6EE7-491C-8036-54207CD7AAE8} - System32\Tasks\update-S-1-5-21-2214377964-700434260-603755962-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {E570CBD5-3FB6-4DC7-8E28-42259C5958B4} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2214377964-700434260-603755962-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
S4 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X]
S4 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X]
S3 ss_conn_launcher_service; %SystemRoot%\System32\Samsung\EasySetup\ss_conn_launcher.exe [X]
S4 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-09-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [199640 2023-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-09-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-06] (Malwarebytes Inc. -> Malwarebytes)
2023-09-06 08:40 - 2023-09-06 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2023-09-06 08:40 - 2023-09-06 08:40 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2023-09-06 08:36 - 2023-09-06 08:36 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-09-06 08:34 - 2023-09-06 08:35 - 000000000 ____D C:\AdwCleaner
2023-09-06 08:34 - 2023-09-06 08:34 - 008791352 _____ (Malwarebytes) C:\Users\felip\Downloads\adwcleaner.exe
2023-09-06 08:18 - 2023-09-06 08:37 - 000000000 ____D C:\Users\felip\AppData\Local\Malwarebytes
2023-09-06 08:18 - 2023-09-06 08:18 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-06 08:18 - 2023-09-06 08:18 - 000000000 ____D C:\Users\felip\AppData\Local\mbam
2023-09-06 08:18 - 2023-09-06 08:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-06 08:18 - 2023-09-06 08:18 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-06 08:16 - 2023-09-06 08:16 - 002606880 _____ (Malwarebytes) C:\Users\felip\Downloads\MBSetup.exe
2023-09-06 08:02 - 2023-09-06 08:02 - 002786328 _____ (Skillbrains ) C:\Users\felip\Downloads\setup-lightshot.exe
AlternateDataStreams: C:\ProgramData:chnpbmzkyg [754]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [7890]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aDXs4 [3506]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [754]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [7890]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [754]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [7890]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [754]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [7890]
AlternateDataStreams: C:\Users\felip\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
HKU\S-1-5-21-2214377964-700434260-603755962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2214377964-700434260-603755962-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2214377964-700434260-603755962-1001 -> DefaultScope {F28A8DAC-FF7E-4629-9547-5E47A8831FA7} URL =
SearchScopes: HKU\S-1-5-21-2214377964-700434260-603755962-1001 -> {0362B2A7-89BA-418F-9AA5-91DE6205A5EF} URL =
SearchScopes: HKU\S-1-5-21-2214377964-700434260-603755962-1001 -> {F28A8DAC-FF7E-4629-9547-5E47A8831FA7} URL =
FirewallRules: [{DC9C3D41-CCF8-4D1A-AEC6-35BCD8C61545}] => (Block) C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe => Nenhum Arquivo
FirewallRules: [{9EAC3277-BDD9-4D47-B8A0-C686CAFD5A54}] => (Block) C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{D8055CDF-7BA9-4201-8B0A-AEF6B5E1C00D}C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{FCEC3A4C-7C59-467E-8165-6F3B621BD116}C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{C7DBD180-8FE6-4CB9-9C09-37D60A1D6CF0}C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{CE208D1E-447D-4DDE-A954-E967E0C26607}C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe => Nenhum Arquivo
FirewallRules: [{08DB5592-7215-4781-A16F-F4130117E879}] => (Block) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe => Nenhum Arquivo
FirewallRules: [{9009C964-04CC-4DAE-84AF-DEAA19FB3618}] => (Block) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{CE660346-3B52-4DCD-8179-1F968C624F3D}C:\program files (x86)\pje-office\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\pje-office\jre\bin\javaw.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{28EAF82B-F84A-4B3C-BD92-F230E7F72766}C:\program files (x86)\pje-office\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\pje-office\jre\bin\javaw.exe => Nenhum Arquivo
FirewallRules: [{2B070C02-04E0-4443-A64B-F1B46BD92147}] => (Block) C:\program files (x86)\pje-office\jre\bin\javaw.exe => Nenhum Arquivo
FirewallRules: [{C04E50F8-50AC-44D4-ADE6-F9E351ABAC2E}] => (Block) C:\program files (x86)\pje-office\jre\bin\javaw.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{3F1D2F78-0E74-4822-A0EB-A9E7CFAFE4FD}C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{C568781D-1C35-4E03-A29B-197FB9461A6C}C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: [{09C09D2B-1BD7-4D6F-B2A0-A19D204A6D19}] => (Block) C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: [{59165908-7C7D-4DDF-AB40-6557B1B9556E}] => (Block) C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{E1D83E4D-A211-4B9E-A2DE-1BC518E322A7}D:\steamlibrary\steamapps\common\risk of rain 2\risk of rain 2.exe] => (Allow) D:\steamlibrary\steamapps\common\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{6F9F20F4-0088-4AE6-AB07-11DAEADD4F9C}D:\steamlibrary\steamapps\common\risk of rain 2\risk of rain 2.exe] => (Allow) D:\steamlibrary\steamapps\common\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{45B42F62-9A0C-41D7-A7F5-F6F051AAEE9B}C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{D4C771E6-4428-4025-9EF2-2EB6B6271EAC}C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe => Nenhum Arquivo
FirewallRules: [{79520247-1A41-419D-B242-632974C472DF}] => (Block) C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe => Nenhum Arquivo
FirewallRules: [{D37E99FB-976B-4EC9-B172-71EB24F14575}] => (Block) C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{6C5FC2B5-4B9C-45DF-A349-8B1222E2378A}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{954AA162-02AF-440B-8D11-432E6D0B798E}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Nenhum Arquivo
FirewallRules: [{88CBD260-FD6A-4B8D-9FFB-F6B5B4A56974}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Nenhum Arquivo
FirewallRules: [{2D34E83B-B666-44C6-9DAA-E0C064B4CD86}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Nenhum Arquivo
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
cmd: sfc /scannow
Comment: Use Farbar routine to delete temp files
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
Comment: The system will restart.
Reboot:
End::
[/spoiler]
> Execute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
> Poste o relatório "Resultado da Correção pela Farbar Recovery Scan Tool". (Fixlog.txt)
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >
felipe-ricar...
Zerinho
Registrado
2 Mensagens
0 Curtidas
/!\ Boa Tarde! felipe-ricardo /!\
< https://www.youtube.com/watch?v=EVOAahNgYgI >
> Já acessou esta dica?
> Desinstale: <3>
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Malwarebytes version 4.6.1.280 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.1.280 - Malwarebytes)
Norton Security Ultra <<
> Copie estas informações que estão na Quote,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto ou Unicode,caso solicite!
> Salve-as ao desktop! ( Área de trabalho ... )
undefinedStart::
Comment: All processes will be force closed
CloseProcesses:
Comment: System Protection will be enabled
SystemRestore: On
Comment: New Restore Point will be created
CreateRestorePoint:
Comment: All network proxies will be removed
RemoveProxy:
AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
(C:\Program Files\Google\Chrome\Application\chrome.exe -> (Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(explorer.exe -> () C:\Users\felip\Downloads\CKScanner.exe
HKLM-x32\...\Run: => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe (Kilonova LLC -> )
HKLM\...\Policies\Explorer: hide:
HKLM\SOFTWARE\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrição <==== ATENÇÃO
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
Task: {D3B1DCA9-862B-44FB-A8A2-4A8F1DB24E03} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (Nenhum Arquivo)
Task: {DE9433EE-6EE7-491C-8036-54207CD7AAE8} - System32\Tasks\update-S-1-5-21-2214377964-700434260-603755962-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (OOO Lightshot -> TODO: <Company name>
Task: {E570CBD5-3FB6-4DC7-8E28-42259C5958B4} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe (OOO Lightshot -> TODO: <Company name>
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2214377964-700434260-603755962-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
S4 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe"
S4 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe"
S3 ss_conn_launcher_service; %SystemRoot%\System32\Samsung\EasySetup\ss_conn_launcher.exe
S4 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe"
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (Malwarebytes Inc. -> Malwarebytes)
2023-09-06 08:40 - 2023-09-06 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2023-09-06 08:40 - 2023-09-06 08:40 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2023-09-06 08:36 - 2023-09-06 08:36 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-09-06 08:34 - 2023-09-06 08:35 - 000000000 ____D C:\AdwCleaner
2023-09-06 08:34 - 2023-09-06 08:34 - 008791352 _____ (Malwarebytes) C:\Users\felip\Downloads\adwcleaner.exe
2023-09-06 08:18 - 2023-09-06 08:37 - 000000000 ____D C:\Users\felip\AppData\Local\Malwarebytes
2023-09-06 08:18 - 2023-09-06 08:18 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-06 08:18 - 2023-09-06 08:18 - 000000000 ____D C:\Users\felip\AppData\Local\mbam
2023-09-06 08:18 - 2023-09-06 08:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-06 08:18 - 2023-09-06 08:18 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-06 08:16 - 2023-09-06 08:16 - 002606880 _____ (Malwarebytes) C:\Users\felip\Downloads\MBSetup.exe
2023-09-06 08:02 - 2023-09-06 08:02 - 002786328 _____ (Skillbrains ) C:\Users\felip\Downloads\setup-lightshot.exe
AlternateDataStreams: C:\ProgramData:chnpbmzkyg
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aDXs4
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ
AlternateDataStreams: C:\Users\felip\Downloads\FRST64.exe:MBAM.Zone.Identifier
HKU\S-1-5-21-2214377964-700434260-603755962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2214377964-700434260-603755962-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2214377964-700434260-603755962-1001 -> DefaultScope {F28A8DAC-FF7E-4629-9547-5E47A8831FA7} URL =
SearchScopes: HKU\S-1-5-21-2214377964-700434260-603755962-1001 -> {0362B2A7-89BA-418F-9AA5-91DE6205A5EF} URL =
SearchScopes: HKU\S-1-5-21-2214377964-700434260-603755962-1001 -> {F28A8DAC-FF7E-4629-9547-5E47A8831FA7} URL =
FirewallRules: => (Block) C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\users\felip\appdata\local\discord\app-1.0.9006\discord.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\program files (x86)\pje-office\jre\bin\javaw.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\program files (x86)\pje-office\jre\bin\javaw.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\program files (x86)\pje-office\jre\bin\javaw.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\program files (x86)\pje-office\jre\bin\javaw.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\users\felip\onedrive\área de trabalho\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: => (Allow) D:\steamlibrary\steamapps\common\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: => (Allow) D:\steamlibrary\steamapps\common\risk of rain 2\risk of rain 2.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\users\felip\appdata\local\discord\app-1.0.9013\discord.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Nenhum Arquivo
FirewallRules: => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Nenhum Arquivo
FirewallRules: => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => Nenhum Arquivo
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
cmd: sfc /scannow
Comment: Use Farbar routine to delete temp files
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
Comment: The system will restart.
Reboot:
End::
> Execute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
> Poste o relatório "Resultado da Correção pela Farbar Recovery Scan Tool". (Fixlog.txt)
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >
<A+>
Irei fazer o procedimento, eu consigo instalar os programas normalmente, o que causa estranheza é o fato de sempre aparecer essa mensagem sendo que em outros computadores utilizando o mesmo instalador não aparece. Penso que deve ter algo errado com a Microsoft Store ou algo tentando explorar uma fragilidade do PC.
Atualização: 10/09/2023 07:42
Desinstalei o Malwarebites e Lightshot, não achei o Norton para desinstalar. A única coisa que eu tenho do Norton no PC é uma extensão do Chrome que é o Norton Safe Search.
A propósito qual o problema do Lightshot? Vi em outros tópicos que também pediram para desinstalar ele.
Rodei o fixlist e aqui está o fixlog.
https://www.cjoint.com/c/MIkkOoGToW5
joram
Highlander
Registrado
5.4K Mensagens
2.5K Curtidas
/!\ Bom Dia! felipe-ricardo /!\
< Sair do modo S > << Link!
Tente primeiramente o tutorial, depois...caso queira, vc pode utilizar o script fixlist.
< Capturas de tela e o golpe no Lightshot >
O Lightshot é um ponto de fragilidade ao Windows, segundo a Kaspersky.
Informe a situação de sua "máquina".
