Ir para conteúdo
View in the app

A better way to browse. Learn more.
EletrônicaBR.com

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Ajuda com remocao de virus

Por AG Eletronica
em Segurança, Vírus e Malwares

Featured Replies

Postado

Amigos, estou com um virus na minha rede que ele fica corrompendo meus arquivos de instalacao, como office, nero entre outros. Os icones dos programas ficam com resolução baixa, deformados. Alguem pode me ajudar remover? Segue log do hijackthis.

 

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\explorer.exe
C:\Windows\system32\taskeng.exe
c:\windows\system\explorer.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
c:\windows\system\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
E:\Downloads\HijackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Você não tem permissão para visualizar links. Faça login ou cadastre-se.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe, c:\windows\system\explorer.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Usuario\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office16\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Explorer] c:\windows\system\explorer.exe RU
O4 - HKLM\..\Run: [Svchost] c:\windows\system\svchost.exe RU
O4 - HKLM\..\RunOnce: [Explorer] c:\windows\system\explorer.exe RO
O4 - HKLM\..\RunOnce: [Svchost] c:\windows\system\svchost.exe RO
O4 - HKCU\..\Run: [FlashGet 3] "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
O8 - Extra context menu item: Download all videos by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
O8 - Extra context menu item: Download current video by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe

--
End of file - 5607 bytes

  • Citar
    • Postado
    19 minutos atrás, AG Eletronica disse:

    Amigos, estou com um virus na minha rede que ele fica corrompendo meus arquivos de instalacao, como office, nero entre outros. Os icones dos programas ficam com resolução baixa, deformados. Alguem pode me ajudar remover? Segue log do hijackthis.

     

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\taskeng.exe
    c:\windows\system\explorer.exe
    C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
    c:\windows\system\svchost.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    E:\Downloads\HijackThis.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Você não tem permissão para visualizar links. Faça login ou cadastre-se.
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    F2 - REG:system.ini: Shell=C:\Windows\explorer.exe, c:\windows\system\explorer.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
    O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Usuario\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office16\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Explorer] c:\windows\system\explorer.exe RU
    O4 - HKLM\..\Run: [Svchost] c:\windows\system\svchost.exe RU
    O4 - HKLM\..\RunOnce: [Explorer] c:\windows\system\explorer.exe RO
    O4 - HKLM\..\RunOnce: [Svchost] c:\windows\system\svchost.exe RO
    O4 - HKCU\..\Run: [FlashGet 3] "C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
    O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
    O8 - Extra context menu item: Download all videos by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm
    O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
    O8 - Extra context menu item: Download current video by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm
    O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
    O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
    O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
    O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe

    --
    End of file - 5607 bytes

    instala o eset nele crackeado e limpa 

  • Citar
    • Postado

    Bom desconfiaria desse seu flash get Network. Aceleradores de download são vulneráveis. Difícil um diagnóstico sem acompanhar o histórico. Como se infecta? Ele ataca as pastas compartilhadas? Nesse caso seria mt importante aumentar a segurança na sua rede atribuindo permissões aos usuários. Verifique e limpe arquivos ocultos em User/appdata/local/temp e em user/appdata/roaming. Se estiver com um vírus 'conficker' que faz justamente isso, é bem fácil de c : e o d: se houver estarem infectados. Veja arquivos ocultos em ambos. Cuidado com os pendrives que conectou nesses computadores. E  um antivírus pago é muito útil, nada de crackea-los, isso mesmo, as empresas responsáveis pelas engines (vacinas) com certeza sabem quando o aplicativo que eles comercializam é 'pirateado'. O custo é baixo. Eu choro quando vejo alguém recomendar se instalar algo 'crackeado', não pode, precisamos mudar esse conceito e querer um pais melhor para todos. Boa sorte!

  • Citar
    • Joinha 3
    Postado
    19 horas atrás, Rods disse:

    E  um antivírus pago é muito útil, nada de crackea-los

    Concordo. j+ 

     

    Existem também diversas ferramentas gratuitas que podem ajudar.

    Exemplo: Você não tem permissão para visualizar links. Faça login ou cadastre-se.

  • Citar
    • Postado
    • Autor

    @Rods desinstalei o acelerador, o que esse virus faz eh "comer os setups dos programas de instalacao da empresa", em questao do antivirus pago seria uma boa sim. Vou esta olhando a possibilidade de adiquirir um.. obg.

  • Citar

    • Participe agora da conversa!

    Você pode postar agora e se cadastrar mais tarde. Se você tiver uma conta, faça login para postar com sua conta.

    Visitante
    Responder
    Voltar para a lista de tópicos

    Account

    Navigation

    Pesquisar

    Pesquisar

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.