A.Araujo

Junior Members
  1. Good evening, here is the log:

     ZA-Scan V1.0.0.6 Updated 03-May-2018(Online Version)
     Tool run by Alberan on 22/11/2018 at 21:14:54,07.
     Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
     Running in: Normal Mode Internet Access Detected
     Launched: C:\Users\Alberan\Desktop\ZA-Scan.exe
     Script used: C:\Users\Alberan\Desktop\zascript.txt

     ==== System Restore Info ======================
     22/11/2018 21:23:25 Zoek.exe System Restore Point Created Successfully.

     ==== Deleting CLSID Registry Keys ======================
     HKEY_USERS\S-1-5-21-488378517-3138424244-635305971-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
     HKEY_USERS\S-1-5-21-488378517-3138424244-635305971-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
     HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
     HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully

     ==== Deleting CLSID Registry Values ======================
     HKEY_USERS\S-1-5-21-488378517-3138424244-635305971-1000\Software\Mozilla\Firefox\Extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C} deleted successfully
     HKEY_USERS\S-1-5-21-488378517-3138424244-635305971-1000\Software\Mozilla\Firefox\Extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D} deleted successfully

     ==== Registry Fix Code ======================
     Windows Registry Editor Version 5.00
     [-HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.1.7601.23505 (win7sp1_ldr.160722-0600)\ComponentFamilies\amd64_microsoft-windows-e..ngconsole.resources_31bf3856ad364e35_pt-pt_4e35468977efafdf\f256werconcpl.dll.mui]
     [-HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.1.7601.23505 (win7sp1_ldr.160722-0600)\ComponentFamilies\amd64_microsoft-windows-errorreportingconsole_31bf3856ad364e35_none_5577f52d0439c6dd\f256werconcpl.dll]
     "LocalizedString"=-
     "IconReference"=-
     "LocalizedString"=-
     "IconReference"=-
     @=-
     @=-
     @=-
     "ResourceFileName"=-
     "MessageFileName"=-

     ==== Batch Command(s) Run By Tool======================
     Configuração de IP do Windows
     Liberação do Cache do DNS Resolver bem-sucedida.

     ==== shortcuts on Users Desktops ======================
     C:\Users\Alberan\Desktop\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
     C:\Users\Alberan\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
     C:\Users\Alberan\Desktop\LGMobile Support Tool.lnk - C:\ProgramData\LGMOBILEAX\LGMLauncher.exe
     C:\Users\Alberan\Desktop\Naviextras Toolbox.lnk - C:\Program Files (x86)\Naviextras\Toolbox\toolbox.exe
     C:\Users\Alberan\Desktop\RecentPlaces.lnk -
     C:\Users\Alberan\Desktop\ZHPCleaner.lnk - C:\Users\Alberan\AppData\Roaming\ZHP\ZHPCleaner.exe

     ==== shortcuts on All Users Desktop ======================
     C:\Users\Public\Desktop\Ashampoo Burning Studio FREE.lnk - C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio FREE\burningstudio.exe
     C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
     C:\Users\Public\Desktop\CPUID CPU-Z.lnk - C:\Program Files (x86)\CPUID\CPU-Z\cpuz.exe
     C:\Users\Public\Desktop\Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
     C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Users\Public\Desktop\IRPF2017 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
     C:\Users\Public\Desktop\IRPF2018 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk -
     C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
     C:\Users\Public\Desktop\McAfee All Access – Total Protection.lnk -
     C:\Users\Public\Desktop\TeamViewer 13.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe
     C:\Users\Public\Desktop\Zemana AntiMalware.lnk - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

     ==== shortcuts in All Users Start Menu ======================
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk - C:\Program Files (x86)\TeamViewer\TeamViewer.exe
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe /LOG
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware\Zemana AntiMalware.lnk - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

     ==== shortcuts in Quick Launch ======================
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Driver Booster 4.lnk - C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
     C:\Users\Alberan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
     C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
     C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
     C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
     C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
     C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
     C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

     ==== Empty All Flash Cache ======================
     Flash Cache is not empty, a reboot is needed

     ==== Empty Temp Folders ======================
     C:\Users\Alberan\AppData\Local\Temp will be emptied at reboot
     C:\Users\Default\AppData\Local\temp emptied successfully
     C:\Users\Default User\AppData\Local\temp emptied successfully
     C:\Users\Public\AppData\Local\temp emptied successfully
     C:\Users\USURIO~1\AppData\Local\temp emptied successfully
     C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
     C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
     C:\Windows\Temp will be emptied at reboot

     ==== After Reboot ======================

     ==== Empty Temp Folders ======================
     C:\Windows\Temp successfully emptied
     C:\Users\Alberan\AppData\Local\Temp successfully emptied

     ==== Empty Recycle Bin ======================
     C:\$RECYCLE.BIN successfully emptied

     ==== Deleting Files / Folders ======================
     "C:\Users\Alberan\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\M957XNCV\home.mcafee.com" not found

     ==== EOF on 22/11/2018 at 21:40:58,70 ======================
  2. Good evening, here is the log:

     SystemLook 30.07.11 by jpshortstuff
     Log created at 20:22 on 20/11/2018 by Alberan
     Administrator - Elevation successful

     ========== filefind ==========
     Searching for "werconcpl.dll"

     SystemLook 30.07.11 by jpshortstuff
     Log created at 20:32 on 20/11/2018 by Alberan
     Administrator - Elevation successful

     ========== filefind ==========
     Searching for "werconcpl.dll"
     C:\Windows\System32\werconcpl.dll --a---- 1281024 bytes [04:13 07/02/2011] [07:27 20/11/2010] F9959237F106F2B2609E61A290C0652E
     C:\Windows\winsxs\amd64_microsoft-windows-errorreportingconsole_31bf3856ad364e35_6.1.7601.17514_none_b43336e6398511dc\werconcpl.dll --a---- 1281024 bytes [04:13 07/02/2011] [07:27 20/11/2010] F9959237F106F2B2609E61A290C0652E

     ========== regfind ==========
     Searching for "werconcpl.dll"
     [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.1.7601.23505 (win7sp1_ldr.160722-0600)\ComponentFamilies\amd64_microsoft-windows-e..ngconsole.resources_31bf3856ad364e35_pt-pt_4e35468977efafdf\f256!werconcpl.dll.mui]
     [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.1.7601.23505 (win7sp1_ldr.160722-0600)\ComponentFamilies\amd64_microsoft-windows-errorreportingconsole_31bf3856ad364e35_none_5577f52d0439c6dd\f256!werconcpl.dll]
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01D0A625-782D-4777-8D4E-547E6457FAD5}]
     "LocalizedString"="@%systemroot%\system32\werconcpl.dll,-351"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01D0A625-782D-4777-8D4E-547E6457FAD5}\Elevation]
     "IconReference"="@%systemroot%\system32\werconcpl.dll,-6"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}]
     "LocalizedString"="@%systemroot%\system32\werconcpl.dll,-350"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}\Elevation]
     "IconReference"="@%systemroot%\system32\werconcpl.dll,-6"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3A43F75-FE02-47d8-B3EE-0B568C0C5043}\InProcServer32]
     @="%SystemRoot%\System32\werconcpl.dll"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA236752-2E77-4386-B63B-0E34774A413D}\InProcServer32]
     @="%SystemRoot%\System32\werconcpl.dll"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CACA7238-3C7E-4a25-AD73-DE1A4F8C7214}\InProcServer32]
     @="%SystemRoot%\System32\werconcpl.dll"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{017247f2-7e96-11dc-8314-0800200c9a66}]
     "ResourceFileName"="%SystemRoot%\System32\werconcpl.dll"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Publishers\{017247f2-7e96-11dc-8314-0800200c9a66}]
     "MessageFileName"="%SystemRoot%\System32\werconcpl.dll"

     -= EOF =-
  3. Good morning Elias, I repeated the procedure above and the RUNDLL message persists: Windows\system32\werconcpl.dll is not a valid Win32 application.
  4. Good morning Elias, I ran AdwCleaner and PUP.OPTIONAL.LEGACY no longer showed up. Only that RUNDLL message, saying that windows\system32\werconcpl.dll is not a valid Win32 application, still continues. The log follows below:

     # -------------------------------
     # Malwarebytes AdwCleaner 7.2.4.0
     # -------------------------------
     # Build: 09-25-2018
     # Database: 2018-10-12.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 10-15-2018
     # Duration: 00:00:19
     # OS: Windows 7 Ultimate
     # Cleaned: 6
     # Failed: 0

     ***** [ Services ] *****
     No malicious services cleaned.

     ***** [ Folders ] *****
     Deleted C:\ProgramData\IObit\Advanced SystemCare V7
     Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V7
     Deleted C:\Users\All Users\IObit\Advanced SystemCare V7
     Deleted C:\Users\Todos os Usuários\IObit\Advanced SystemCare V7
     Deleted C:\Users\Alberan\AppData\LocalLow\IObit\Advanced SystemCare V7
     Deleted C:\Users\Alberan\AppData\Roaming\IObit\Advanced SystemCare V7

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     No malicious tasks cleaned.

     ***** [ Registry ] *****
     No malicious registry entries cleaned.

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries cleaned.

     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs cleaned.

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.

     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************

     AdwCleaner[S00].txt - [14289 octets] - [12/08/2018 14:44:56]
     AdwCleaner[C00].txt - [9682 octets] - [12/08/2018 14:48:03]
     AdwCleaner[S01].txt - [4612 octets] - [13/08/2018 22:46:03]
     AdwCleaner[C01].txt - [1628 octets] - [13/08/2018 22:46:31]
     AdwCleaner[S02].txt - [11145 octets] - [16/08/2018 21:38:59]
     AdwCleaner[C02].txt - [9356 octets] - [16/08/2018 21:39:46]
     AdwCleaner[S03].txt - [9150 octets] - [17/08/2018 14:29:37]
     AdwCleaner[C03].txt - [7864 octets] - [17/08/2018 14:30:11]
     AdwCleaner[S04].txt - [1760 octets] - [17/08/2018 16:50:14]
     AdwCleaner[C04].txt - [1926 octets] - [17/08/2018 16:54:59]
     AdwCleaner[S05].txt - [1882 octets] - [17/08/2018 17:02:31]
     AdwCleaner[C05].txt - [2048 octets] - [17/08/2018 17:04:17]
     AdwCleaner[S06].txt - [2004 octets] - [23/08/2018 19:57:48]
     AdwCleaner[C06].txt - [2170 octets] - [23/08/2018 20:10:19]
     AdwCleaner[S07].txt - [2126 octets] - [23/08/2018 20:53:12]
     AdwCleaner[C07].txt - [2292 octets] - [23/08/2018 20:53:37]
     AdwCleaner[S08].txt - [2248 octets] - [26/08/2018 21:57:19]
     AdwCleaner[C08].txt - [2414 octets] - [26/08/2018 21:58:20]
     AdwCleaner[S09].txt - [2370 octets] - [26/08/2018 22:15:10]
     AdwCleaner[C09].txt - [2536 octets] - [26/08/2018 22:16:35]
     AdwCleaner[S10].txt - [2492 octets] - [27/08/2018 19:23:06]
     AdwCleaner[C10].txt - [2658 octets] - [27/08/2018 19:24:24]
     AdwCleaner[S11].txt - [2614 octets] - [27/08/2018 19:31:01]
     AdwCleaner[C11].txt - [2780 octets] - [27/08/2018 19:31:14]
     AdwCleaner[S12].txt - [2974 octets] - [02/09/2018 15:03:08]
     AdwCleaner[C12].txt - [3102 octets] - [02/09/2018 15:04:33]
     AdwCleaner[S13].txt - [2854 octets] - [20/09/2018 16:28:32]
     AdwCleaner[S14].txt - [3430 octets] - [15/10/2018 08:13:21]

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C14].txt ##########
  5. Good afternoon Elias, here is the log:

     Zemana AntiMalware 2.74.2.150 (instalado)
     -------------------------------------------------------
     Scan Result : Concluído
     Scan Date : 2018/10/4
     Operating System : Windows 7 64-bit
     Processor : 4X Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
     BIOS Mode : Legacy
     CUID : 12782856A4E169778A166B
     Scan Type : Análise do Sistema
     Duration : 57m 7s
     Scanned Objects : 87493
     Detected Objects : 4
     Excluded Objects : 0
     Read Level : Normal
     Auto Upload : Activado
     Detect All Extensions : Desactivado
     Scan Documents : Desactivado
     Domain Info : WORKGROUP,0,2

     Detected Objects
     -------------------------------------------------------
     Fake Internet Explorer Shortcut
     Status : Analisados
     Object : %userprofile%\desktop\internet explorer.lnk
     MD5 : 0676D5843124CF6DCCCBC6FDFB0CE071
     Publisher : -
     Size : 1553
     Version : -
     Detection : Configuração do navegador suspeito
     Cleaning Action : Reparar
     Related Objects :
       Configuração do navegador - Fake Internet Explorer Shortcut
       Arquivo - %userprofile%\desktop\internet explorer.lnk

     Firefox Search
     Status : Analisados
     Object : findit - http://feed.sonic-search.com
     MD5 : -
     Publisher : -
     Size : -
     Version : -
     Detection : Configuração do navegador suspeito
     Cleaning Action : Reparar
     Related Objects :
       Configuração do navegador - Firefox Search

     Firefox Search
     Status : Analisados
     Object : MercadoLivre - http://mercadolivre.com.br
     MD5 : -
     Publisher : -
     Size : -
     Version : -
     Detection : Configuração do navegador suspeito
     Cleaning Action : Reparar
     Related Objects :
       Configuração do navegador - Firefox Search

     Firefox Search
     Status : Analisados
     Object : BuscaPé - http://busca.buscape.com.br
     MD5 : -
     Publisher : -
     Size : -
     Version : -
     Detection : Configuração do navegador suspeito
     Cleaning Action : Reparar
     Related Objects :
       Configuração do navegador - Firefox Search

     Cleaning Result
     -------------------------------------------------------
     Cleaned : 4
     Reported as safe : 0
     Failed : 0
  6. I did it... at first it seemed to have been solved, but then the problem appeared again. AdwCleaner was not able to remove it.
  7. The malware I could not remove: PUP.OPTIONAL.LEGACY, and the same little window that also keeps opening with a RUNDLL message, saying something like windows\system32\werconcpl.dll is not a valid Win32 application.
  8. Good evening Elias, here is the log:

     RogueKiller V12.13.0.0 (x64) [Sep 10 2018] (Free) por Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : https://forum.adlice.com
     Site : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com

     Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Iniciou : Modo normal
     Usuário : Alberan [Administrador]
     Started from : C:\Users\Alberan\Desktop\RogueKiller_portable64.exe
     Modo : Escanear -- Data : 09/10/2018 19:17:18 (Duration : 01:07:44)

     ¤¤¤ Processos : 0 ¤¤¤
     ¤¤¤ Registro : 0 ¤¤¤
     ¤¤¤ Tarefas : 0 ¤¤¤
     ¤¤¤ Arquivos : 0 ¤¤¤
     ¤¤¤ WMI : 0 ¤¤¤
     ¤¤¤ Arquivos de hosts : 0 ¤¤¤
     ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤
     ¤¤¤ Navegadores : 0 ¤¤¤
     ¤¤¤ Verificação da MBR : ¤¤¤

     +++++ PhysicalDrive0: WDC WD5000BPVT-22HXZT3 +++++
     --- User ---
     [MBR] 3ec2828eb8a9998e9b7fe4843c9491de
     [BSP] 0f40d4bc8a67b9ccd6f8e906090e4d5f : Windows Vista/7/8 MBR Code
     Partition table:
     0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14336 MB
     1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 29362176 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 29566976 | Size: 462502 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive1: SDHC Card +++++
     --- User ---
     [MBR] 8a4a3f84a9eda68451f8bdccda84c484
     [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
     Partition table:
     0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 8192 | Size: 7576 MB
     User = LL1 ... OK
     Error reading LL2 MBR! ([32] Não há suporte para o pedido. )
  9. Good afternoon Elias, thank you for your help. Here are the requested logs:

     Malwarebytes
     www.malwarebytes.com

     -Detalhes de registro-
     Data da análise: 02/09/2018
     Hora da análise: 14:15
     Arquivo de registro: c85baf39-aed3-11e8-bafe-e89a8fd6dad2.json

     -Informação do software-
     Versão: 3.5.1.2522
     Versão de componentes: 1.0.441
     Versão do pacote de definições: 1.0.6595
     Licença: Gratuita

     -Informação do sistema-
     Sistema operacional: Windows 7 Service Pack 1
     CPU: x64
     Sistema de arquivos: NTFS
     Usuário: System

     -Resumo da análise-
     Tipo de análise: Análise de Ameaças
     Análise Iniciada Por: Agendamento
     Resultado: Concluído
     Objetos verificados: 271259
     Ameaças detectadas: 1
     Ameaças em quarentena: 1
     Tempo decorrido: 37 min, 58 seg

     -Opções da análise-
     Memória: Habilitado
     Inicialização: Habilitado
     Sistema de arquivos: Habilitado
     Arquivos compactados: Habilitado
     Rootkits: Habilitado
     Heurística: Habilitado
     PUP: Avisar
     PUM: Detectar

     -Detalhes da análise-
     Processo: 0
     (Nenhum item malicioso detectado)

     Módulo: 0
     (Nenhum item malicioso detectado)

     Chave de registro: 0
     (Nenhum item malicioso detectado)

     Valor de registro: 0
     (Nenhum item malicioso detectado)

     Dados de registro: 0
     (Nenhum item malicioso detectado)

     Fluxo de dados: 0
     (Nenhum item malicioso detectado)

     Pasta: 0
     (Nenhum item malicioso detectado)

     Arquivo: 1
     Generic.Malware/Suspicious, C:\USERS\ALBERAN\DOWNLOADS\ZOEK.ZIP, Quarentena, [0], [392686],1.0.6595

     Setor físico: 0
     (Nenhum item malicioso detectado)

     Instrumentação do Windows (WMI): 0
     (Nenhum item malicioso detectado)

     (end)

     # -------------------------------
     # Malwarebytes AdwCleaner 7.2.3.0
     # -------------------------------
     # Build: 08-30-2018
     # Database: 2018-09-01.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 09-02-2018
     # Duration: 00:00:10
     # OS: Windows 7 Ultimate
     # Cleaned: 2
     # Failed: 1

     ***** [ Services ] *****
     No malicious services cleaned.

     ***** [ Folders ] *****
     No malicious folders cleaned.

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     No malicious tasks cleaned.

     ***** [ Registry ] *****
     Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\qwertysearch123.biz
     Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\quertysearch123.biz

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries cleaned.

     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs cleaned.

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     Not Deleted suggestqueries.google.com

     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************

     AdwCleaner[S00].txt - [14289 octets] - [12/08/2018 14:44:56]
     AdwCleaner[C00].txt - [9682 octets] - [12/08/2018 14:48:03]
     AdwCleaner[S01].txt - [4612 octets] - [13/08/2018 22:46:03]
     AdwCleaner[C01].txt - [1628 octets] - [13/08/2018 22:46:31]
     AdwCleaner[S02].txt - [11145 octets] - [16/08/2018 21:38:59]
     AdwCleaner[C02].txt - [9356 octets] - [16/08/2018 21:39:46]
     AdwCleaner[S03].txt - [9150 octets] - [17/08/2018 14:29:37]
     AdwCleaner[C03].txt - [7864 octets] - [17/08/2018 14:30:11]
     AdwCleaner[S04].txt - [1760 octets] - [17/08/2018 16:50:14]
     AdwCleaner[C04].txt - [1926 octets] - [17/08/2018 16:54:59]
     AdwCleaner[S05].txt - [1882 octets] - [17/08/2018 17:02:31]
     AdwCleaner[C05].txt - [2048 octets] - [17/08/2018 17:04:17]
     AdwCleaner[S06].txt - [2004 octets] - [23/08/2018 19:57:48]
     AdwCleaner[C06].txt - [2170 octets] - [23/08/2018 20:10:19]
     AdwCleaner[S07].txt - [2126 octets] - [23/08/2018 20:53:12]
     AdwCleaner[C07].txt - [2292 octets] - [23/08/2018 20:53:37]
     AdwCleaner[S08].txt - [2248 octets] - [26/08/2018 21:57:19]
     AdwCleaner[C08].txt - [2414 octets] - [26/08/2018 21:58:20]
     AdwCleaner[S09].txt - [2370 octets] - [26/08/2018 22:15:10]
     AdwCleaner[C09].txt - [2536 octets] - [26/08/2018 22:16:35]
     AdwCleaner[S10].txt - [2492 octets] - [27/08/2018 19:23:06]
     AdwCleaner[C10].txt - [2658 octets] - [27/08/2018 19:24:24]
     AdwCleaner[S11].txt - [2614 octets] - [27/08/2018 19:31:01]
     AdwCleaner[C11].txt - [2780 octets] - [27/08/2018 19:31:14]
     AdwCleaner[S12].txt - [2974 octets] - [02/09/2018 15:03:08]

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C12].txt ##########

     ~ ZHPCleaner v2018.8.20.163 by Nicolas Coolman (2018/08/20)
     ~ Run by Alberan (Administrator) (02/09/2018 15:23:38)
     ~ Web: https://www.nicolascoolman.com
     ~ Blog: https://nicolascoolman.eu/
     ~ Facebook : https://www.facebook.com/nicolascoolman1
     ~ State version : Version KO
     ~ Certificate ZHPCleaner: Legal
     ~ Type : Repair
     ~ Report : C:\Users\Alberan\Desktop\ZHPCleaner.txt
     ~ Quarantine : C:\Users\Alberan\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
     ~ UAC : Activate
     ~ Boot Mode : Normal (Normal boot)
     Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

     ---\\ Alternate Data Stream (ADS). (0)
     ~ No malicious or unnecessary items found.

     ---\\ Services (0)
     ~ No malicious or unnecessary items found.

     ---\\ Browser internet (1)
     REPLACED Google Chrome Preferences: "https://ddm4tzmgfpg80.cloudfront.net/" =>.SUP.CloudfrontNet

     ---\\ Hosts file (1)
     ~ The hosts file is legitimate (1)

     ---\\ Scheduled automatic tasks. (0)
     ~ No malicious or unnecessary items found.

     ---\\ Explorer ( File, Folder) (2)
     MOVED file: C:\Windows\Temp\mpam-4c6285df.exe =>Heuristic.Suspect
     MOVED file: C:\Windows\Temp\mpam-b04a7dfd.exe =>Heuristic.Suspect

     ---\\ Registry ( Key, Value, Data) (0)
     ~ No malicious or unnecessary items found.

     ---\\ Summary of the elements found (2)
     https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.SUP.CloudfrontNet
     https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect

     ---\\ Other deletions. (12)
     ~ Registry Keys Tracing deleted (9)
     ~ Remove the old reports ZHPCleaner. (3)

     ---\\ Result of repair
     ~ Repair carried out successfully
     ~ Browser not found (Opera Software)

     ---\\ Statistics
     ~ Items scanned : 721
     ~ Items found : 0
     ~ Items cancelled : 0
     ~ Items options : 0/7
     ~ Space saving (bytes) : 0
     ~ End of clean in 00h00mn26s

     ---\\ Reports (4)
     ZHPCleaner--02092018-15_20_59.txt
     ZHPCleaner--27082018-16_51_33.txt
     ZHPCleaner--27082018-17_46_18.txt
     ZHPCleaner-[R]-02092018-15_24_04.txt
  10. Good evening, I would like your help, because I was looking for a serial with a crack and I think I ended up getting infected. I tried to remove it with some programs, but there is a message and a piece of malware that I could not remove: PUP.OPTIONAL.LEGACY, and there is also a little window that keeps opening with a RUNDLL message, saying something like windows\system32\werconcpl.dll is not a valid Win32 application. ZA-Scan.txt

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
