Rodrigo Piccolotto

Junior Members
  • Total items: 7
  1. The computer improved significantly! I'm very satisfied!!! Congratulations on the work!! The Clube do Hardware team gets a 10!!! What should I do with the programs that were installed during this whole procedure? Should I leave them on the computer or uninstall them? Thank you very much for everything so far!!!
  2. Here is the log generated by Zemana:

     Zemana AntiMalware 2.74.2.150 (instalado)
     -------------------------------------------------------
     Scan Result : Concluído
     Scan Date : 2018/10/30
     Operating System : Windows 7 64-bit
     Processor : 4X Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
     BIOS Mode : Legacy
     CUID : 1287DDDF68A05F18645FDB
     Scan Type : Análise do Sistema
     Duration : 29m 4s
     Scanned Objects : 134124
     Detected Objects : 2
     Excluded Objects : 0
     Read Level : SCSI
     Auto Upload : Activado
     Detect All Extensions : Desactivado
     Scan Documents : Desactivado
     Domain Info : WORKGROUP,0,2

     Detected Objects
     -------------------------------------------------------
     Chrome Cleaner Pro
     Status : Analisados
     Object : %localappdata%\google\chrome\user data\default\extensions\ccjleegmemocfpghkhpjmiccjcacackp
     MD5 : -
     Publisher : -
     Size : -
     Version : -
     Detection : PUA.ChromeExt!Gr
     Cleaning Action : Reparar
     Related Objects :
     Extensão do navegador - Chrome Cleaner Pro

     Adobe Flash Player-2015.exe
     Status : Analisados
     Object : %userprofile%\downloads\perdidos\adobe flash player-2015.exe
     MD5 : C70A657922BB9359F63EFEF43C75175D
     Publisher : -
     Size : 1158144
     Version : -
     Detection : Downloader:Win32/Banload.Variant
     Cleaning Action : Quarentena
     Related Objects :
     Arquivo - %userprofile%\downloads\perdidos\adobe flash player-2015.exe

     Cleaning Result
     -------------------------------------------------------
     Cleaned : 2
     Reported as safe : 0
     Failed : 0
  3. Here is the generated log:

     RogueKiller V12.13.6.0 (x64) [Oct 22 2018] (Free) por Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : https://forum.adlice.com
     Site : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com

     Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Iniciou : Modo normal
     Usuário : Rodrigo [Administrador]
     Started from : C:\Users\Rodrigo\Desktop\RogueKiller_portable64.exe
     Modo : Deletar -- Data : 10/25/2018 15:43:00 (Duration : 06:11:34)

     ¤¤¤ Processos : 0 ¤¤¤

     ¤¤¤ Registro : 2 ¤¤¤
     [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KMSEmulator ("C:\ProgramData\KMSAuto\bin\KMSSS.exe" -Port 1688 -PWin RandomKMSPID -PO14 RandomKMSPID -PO15 RandomKMSPID -AI 43200 -RI 43200 KillProcessOnPort -Log -IP) -> Deletado
     [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\KMSEmulator ("C:\ProgramData\KMSAuto\bin\KMSSS.exe" -Port 1688 -PWin RandomKMSPID -PO14 RandomKMSPID -PO15 RandomKMSPID -AI 43200 -RI 43200 KillProcessOnPort -Log -IP) -> Deletado

     ¤¤¤ Tarefas : 1 ¤¤¤
     [PUP.HackTool] \AutoKMS -- C:\Windows\AutoKMS\AutoKMS.exe -> Deletado

     ¤¤¤ Arquivos : 2 ¤¤¤
     [PUP.uTorrentAds][Arquivo] C:\Users\Rodrigo\AppData\Roaming\uTorrent\updates\3.5.3_44358\utorrentie.exe -> Deletado
     [PUP.uTorrentAds][Arquivo] C:\Users\Rodrigo\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe -> Deletado

     ¤¤¤ WMI : 0 ¤¤¤

     ¤¤¤ Arquivos de hosts : 0 [Too big!] ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

     ¤¤¤ Navegadores : 0 ¤¤¤

     ¤¤¤ Verificação da MBR : ¤¤¤
     +++++ PhysicalDrive0: TOSHIBA MQ01ABD075 SCSI Disk Device +++++
     --- User ---
     [MBR] d9be19118a4452c69ebfe8a96bda7737
     [BSP] 50237b2cd756fc42ec6736b18a9dc44f : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 715303 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK
  4. Good evening! Now I managed to do it! I just have one question: should I remove the threats that were found, or do nothing? Here is the generated content:

     RogueKiller V12.13.6.0 (x64) [Oct 22 2018] (Free) por Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : https://forum.adlice.com
     Site : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com

     Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Iniciou : Modo normal
     Usuário : Rodrigo [Administrador]
     Started from : C:\Users\Rodrigo\Desktop\RogueKiller_portable64.exe
     Modo : Escanear -- Data : 10/25/2018 15:43:00 (Duration : 06:11:34)

     ¤¤¤ Processos : 0 ¤¤¤

     ¤¤¤ Registro : 2 ¤¤¤
     [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KMSEmulator ("C:\ProgramData\KMSAuto\bin\KMSSS.exe" -Port 1688 -PWin RandomKMSPID -PO14 RandomKMSPID -PO15 RandomKMSPID -AI 43200 -RI 43200 KillProcessOnPort -Log -IP) -> Encontrado
     [PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\KMSEmulator ("C:\ProgramData\KMSAuto\bin\KMSSS.exe" -Port 1688 -PWin RandomKMSPID -PO14 RandomKMSPID -PO15 RandomKMSPID -AI 43200 -RI 43200 KillProcessOnPort -Log -IP) -> Encontrado

     ¤¤¤ Tarefas : 1 ¤¤¤
     [PUP.HackTool] \AutoKMS -- C:\Windows\AutoKMS\AutoKMS.exe -> Encontrado

     ¤¤¤ Arquivos : 2 ¤¤¤
     [PUP.uTorrentAds][Arquivo] C:\Users\Rodrigo\AppData\Roaming\uTorrent\updates\3.5.3_44358\utorrentie.exe -> Encontrado
     [PUP.uTorrentAds][Arquivo] C:\Users\Rodrigo\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe -> Encontrado

     ¤¤¤ WMI : 0 ¤¤¤

     ¤¤¤ Arquivos de hosts : 0 [Too big!] ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

     ¤¤¤ Navegadores : 0 ¤¤¤

     ¤¤¤ Verificação da MBR : ¤¤¤
     +++++ PhysicalDrive0: TOSHIBA MQ01ABD075 SCSI Disk Device +++++
     --- User ---
     [MBR] d9be19118a4452c69ebfe8a96bda7737
     [BSP] 50237b2cd756fc42ec6736b18a9dc44f : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 715303 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     User = LL2 ... OK
  5. Good morning. I opened the link to download RogueKiller, but the file appears to no longer be available for download. The only thing that downloaded was the "txt" file that I am attaching. Should I search another site to try to download RogueKiller, or do you have another link you recommend? Thanks file-not-found.txt
  6. Good evening, Elias Pereira. Thank you very much in advance for your attention. Here are the logs generated in the three steps:

     Malwarebytes
     www.malwarebytes.com

     -Detalhes de registro-
     Data da análise: 17/10/2018
     Hora da análise: 09:11
     Arquivo de registro: c688cbaa-d205-11e8-8392-201a066b6655.json

     -Informação do software-
     Versão: 3.6.1.2711
     Versão de componentes: 1.0.463
     Versão do pacote de definições: 1.0.7399
     Licença: Gratuita

     -Informação do sistema-
     Sistema operacional: Windows 7 Service Pack 1
     CPU: x64
     Sistema de arquivos: NTFS
     Usuário: Rodrigo-NB\Rodrigo

     -Resumo da análise-
     Tipo de análise: Análise Customizada
     Análise Iniciada Por: Manual
     Resultado: Concluído
     Objetos verificados: 490217
     Ameaças detectadas: 5
     Ameaças em quarentena: 5
     Tempo decorrido: 13 hr, 30 min, 12 seg

     -Opções da análise-
     Memória: Habilitado
     Inicialização: Habilitado
     Sistema de arquivos: Habilitado
     Arquivos compactados: Habilitado
     Rootkits: Habilitado
     Heurística: Habilitado
     PUP: Detectar
     PUM: Detectar

     -Detalhes da análise-
     Processo: 0 (Nenhum item malicioso detectado)
     Módulo: 0 (Nenhum item malicioso detectado)
     Chave de registro: 0 (Nenhum item malicioso detectado)
     Valor de registro: 0 (Nenhum item malicioso detectado)
     Dados de registro: 0 (Nenhum item malicioso detectado)
     Fluxo de dados: 0 (Nenhum item malicioso detectado)
     Pasta: 0 (Nenhum item malicioso detectado)
     Arquivo: 5
     RiskWare.KG, C:\PROGRAM FILES (X86)\ESET\MINODLOGIN\LAUNCHER.EXE, Quarentena, [12063], [74364],1.0.7399
     RiskWare.KG, C:\PROGRAM FILES (X86)\ESET\MINODLOGIN\UNINST.EXE, Quarentena, [12063], [74363],1.0.7399
     Generic.Malware/Suspicious, C:\USERS\RODRIGO\DESKTOP\ZAGA\HOMER\HOMER V1.0B1\RESOURCES\CMDOW.EXE, Quarentena, [0], [392686],1.0.7399
     Generic.Malware/Suspicious, C:\USERS\RODRIGO\DESKTOP\ZA-SCAN.EXE, Quarentena, [0], [392686],1.0.7399
     Generic.Malware/Suspicious, C:\USERS\RODRIGO\DESKTOP\ZOEK.EXE, Quarentena, [0], [392686],1.0.7399
     Setor físico: 0 (Nenhum item malicioso detectado)
     Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado)

     (end)

     # -------------------------------
     # Malwarebytes AdwCleaner 7.2.4.0
     # -------------------------------
     # Build: 09-25-2018
     # Database: 2018-10-12.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 10-17-2018
     # Duration: 00:00:02
     # OS: Windows 7 Ultimate
     # Cleaned: 22
     # Failed: 0

     ***** [ Services ] *****
     Deleted Update service

     ***** [ Folders ] *****
     Deleted C:\ProgramData\apn

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     No malicious tasks cleaned.

     ***** [ Registry ] *****
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5C4EAB8E-DC9E-461C-A4B2-7436490C27C3}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AD6DB978-8111-49DD-9245-C3CB26F05D3E}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0A659BF6-6EFC-4D01-AC58-52B9CB436506}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E69371AF-72C4-4445-BDB1-20375F201FCC}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A5F5E8C6-DEC2-4462-A669-569FFB5BEA15}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2A82EFD2-83AD-4987-A45A-212F889CF238}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{27523611-F5C8-4D45-833B-65D2CDE7EF1C}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{357C71DD-3CB9-4651-BB01-C47757F83C85}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A3EDE772-5750-450A-BF53-CA05DC2CCD2E}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E4524E45-D30A-4E71-B8FB-F2783C5A0D2C}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5D5E4F5F-BC31-4D95-9749-23632D4384AA}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{03081EA3-E19C-4E33-BD3B-B6C89BE3637A}
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{DBC44480-6E0C-405E-9ECB-B20A26508D78}C:\users\rodrigo\appdata\local\popcorn time\nw.exe
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F4340E7F-1D78-4684-A274-DD5AC6A0E55C}C:\users\rodrigo\appdata\local\popcorn time\nw.exe
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{0459AEC6-6041-4DE0-BE37-030495E430BD}C:\users\rodrigo\appdata\local\popcorn time\node-webkit\popcorn time.exe
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6390D597-9645-44AE-B79D-57F6B3121843}C:\users\rodrigo\appdata\local\popcorn time\node-webkit\popcorn time.exe
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{24DFEB01-3A1D-4AB1-8F4E-8CE77083EEA7}C:\users\rodrigo\appdata\local\popcorn time\node-webkit\popcorn time.exe
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{2918775D-7AB5-418E-91EB-EFA9F3ACF5AA}C:\users\rodrigo\appdata\local\popcorn time\node-webkit\popcorn time.exe

     ***** [ Chromium (and derivatives) ] *****
     Deleted Chrome Cleaner Pro

     ***** [ Chromium URLs ] *****
     Deleted Ask Brasil

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.

     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************
     AdwCleaner[S00].txt - [4704 octets] - [17/10/2018 23:32:01]
     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

     ~ ZHPCleaner v2018.10.14.184 by Nicolas Coolman (2018/10/14)
     ~ Run by Rodrigo (Administrator) (17/10/2018 23:54:50)
     ~ Web: https://www.nicolascoolman.com
     ~ Blog: https://nicolascoolman.eu/
     ~ Facebook : https://www.facebook.com/nicolascoolman1
     ~ State version : Version OK
     ~ Certificate ZHPCleaner: Legal
     ~ Type : Repair
     ~ Report : C:\Users\Rodrigo\Desktop\ZHPCleaner.txt
     ~ Quarantine : C:\Users\Rodrigo\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
     ~ UAC : Activate
     ~ Boot Mode : Normal (Normal boot)
     Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

     ---\\ Alternate Data Stream (ADS). (0)
     ~ No malicious or unnecessary items found.

     ---\\ Services (0)
     ~ No malicious or unnecessary items found.

     ---\\ Browser internet (0)
     ~ No malicious or unnecessary items found.

     ---\\ Hosts file (1)
     ~ The hosts file is legitimate (15516)

     ---\\ Scheduled automatic tasks. (0)
     ~ No malicious or unnecessary items found.

     ---\\ Explorer ( File, Folder) (18)
     MOVED file: C:\Windows\Prefetch\AUTOKMS.EXE-7CC2D49E.pf =>HackTool.AutoKMS
     MOVED file: C:\ProgramData\KMSAuto\KMSAuto Net.exe [MSFree Inc. - KMSAuto Net] =>HackTool.WinActivator
     MOVED file: C:\ProgramData\KMSAuto\bin\KMSSS.exe [MDL Forum, mod by Ratiborus - KMS Server Emulator Service (XP)] =>HackTool.AutoKMS
     MOVED file: C:\Users\Rodrigo\Downloads\perdidos\Popcorn-Time-0.3.7.2-Setup (1).exe [Popcorn Official - Popcorn Time v0.3.7-2 Installer] =>.SUP.PopcornTime
     MOVED file: C:\Users\Rodrigo\Downloads\perdidos\Popcorn-Time-0.3.7.2-Setup.exe [Popcorn Official - Popcorn Time v0.3.7-2 Installer] =>.SUP.PopcornTime
     MOVED file: C:\Users\Rodrigo\Downloads\perdidos\PopcornTime-latest (2).exe [Popcorn Time - Popcorn Time Setup] =>.SUP.PopcornTime
     MOVED file: C:\Users\Rodrigo\Downloads\perdidos\PopcornTime-latest.exe [Popcorn Time - Popcorn Time Setup] =>.SUP.PopcornTime
     MOVED file: C:\Users\Rodrigo\Downloads\perdidos\uTorrent.exe [BitTorrent Inc. - µTorrent] =>BitTorrent (P2P)
     MOVED file: C:\Windows\AutoKMS\AutoKMS.exe [CODYQX4 - AutoKMS] =>HackTool.AutoKMS
     MOVED file: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
     MOVED folder: C:\Program Files (x86)\Popcorn Time =>.SUP.PopcornTime
     MOVED folder: C:\ProgramData\KMSAuto =>HackTool.WinActivator
     MOVED folder: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
     MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time =>.SUP.PopcornTime
     MOVED folder: C:\Windows\AutoKMS =>HackTool.AutoKMS
     MOVED folder: C:\Users\Rodrigo\Downloads\PopcornTime =>.SUP.PopcornTime
     MOVED folder: C:\Users\Rodrigo\AppData\Local\MSfree Inc =>HackTool.WinActivator
     MOVED folder: C:\Users\Rodrigo\AppData\Local\PopcornTimeDesktop =>.SUP.PopcornTime

     ---\\ Registry ( Key, Value, Data) (2)
     DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
     DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn Time_is1 [Popcorn Time] =>.SUP.PopcornTime

     ---\\ Summary of the elements found (4)
     https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
     https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/ =>HackTool.WinActivator
     https://nicolascoolman.eu/2017/02/26/superfluous-popcorntime/ =>.SUP.PopcornTime
     https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)

     ---\\ Other deletions. (2)
     ~ Registry Keys Tracing deleted (2)
     ~ Remove the old reports ZHPCleaner. (0)

     ---\\ Result of repair
     ~ Repair carried out successfully
     ~ Browser not found (Mozilla Firefox)
     ~ Browser not found (Opera Software)

     ---\\ Statistics
     ~ Items scanned : 31634
     ~ Items found : 0
     ~ Items cancelled : 0
     ~ Items options : 0/7
     ~ Space saving (bytes) : 0
     ~ End of clean in 00h00mn54s

     ---\\ Reports (2)
     ZHPCleaner--17102018-23_50_44.txt
     ZHPCleaner-[R]-17102018-23_55_44.txt
  7. I've been having a problem with my notebook being slow and occasionally freezing. The notebook's overall performance is well below normal. I'm a layman on the subject, but I believe the cause of the problem may be the presence of malware. If you can help me, I'll be extremely grateful! ZA-Scan.txt
