
Zilit

Junior Member
  • Posts

    11
  • Ratings

    0%
  1. @Elias Pereira All good. I'm extremely grateful for your attention.
  2. @Elias Pereira Sorry for the delay. About the last instruction, everything is OK; no problems occurred.
  3. @Elias Pereira
     Program : RogueKiller Anti-Malware
     Version : 15.1.0.0
     x64 : Yes
     Program Date : Sep 2 2021
     Location : C:\Program Files\RogueKiller\RogueKiller64.exe
     Premium : No
     Company : Adlice Software
     Website : https://www.adlice.com/
     Contact : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 10 (10.0.19043) 64-bit
     64-bit OS : Yes
     Startup : 0
     WindowsPE : No
     User : Guizzle
     User is Admin : Yes
     Date : 2021/09/24 17:31:03
     Type : Removal
     Aborted : No
     Scan Mode : Standard
     Duration : 1375
     Found items : 9
     Total scanned : 69775
     Signatures Version : 20210924_061243
     Truesight Driver : Yes
     ************************* Warnings *************************
     ************************* Removal *************************
     [PUP.HackTool (Potentially Malicious)] Service KMSELDI -- %ProgramFiles%\KMSpico\Service_KMS.exe -> Stopped
     [+] scan_what : 0
     [+] vendors : PUP.HackTool
     [+] Name : Service KMSELDI
     [+] value : %ProgramFiles%\KMSpico\Service_KMS.exe
     [+] Type : Service
     [+] file_vtscore : -1
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 3
     [+] id : 0
     [+] status : 3
     [+] status_str : Stopped
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
     [PUP.HackTool (Potentially Malicious)] \AutoPico Daily Restart -- "C:\Program Files\KMSpico\AutoPico.exe" (/silent) -> Deleted
     [+] scan_what : 0
     [+] vendors : PUP.HackTool
     [+] Name : \AutoPico Daily Restart
     [+] value : "C:\Program Files\KMSpico\AutoPico.exe" (/silent)
     [+] Type : Task
     [+] file_vtscore : -1
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 3
     [+] id : 1
     [+] status : 3
     [+] status_str : Deleted
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
     [PUP.HackTool (Potentially Malicious)] \KMSpico Automatic Update Scheduler -- "C:\Program Files\KMSpico\KMSUPD.exe" -> Deleted
     [+] scan_what : 0
     [+] vendors : PUP.HackTool
     [+] Name : \KMSpico Automatic Update Scheduler
     [+] value : "C:\Program Files\KMSpico\KMSUPD.exe"
     [+] Type : Task
     [+] file_vtscore : -1
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 3
     [+] id : 2
     [+] status : 3
     [+] status_str : Deleted
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
     [PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-1525340926-1912069763-4131825724-1001\Software\Tencent -- -> Deleted
     [+] scan_what : 2
     [+] vendors : PUP.Gen1
     [+] Name : HKEY_USERS\S-1-5-21-1525340926-1912069763-4131825724-1001\Software\Tencent
     [+] Type : Registry
     [+] file_vtscore : -1
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 3
     [+] id : 3
     [+] status : 3
     [+] status_str : Deleted
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
     [PUP.HackTool (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Service KMSELDI -- [%ProgramFiles%\KMSpico\Service_KMS.exe] -> Deleted
     [+] scan_what : 2
     [+] vendors : PUP.HackTool
     [+] Name : HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Service KMSELDI
     [+] value : [%ProgramFiles%\KMSpico\Service_KMS.exe]
     [+] Type : Registry
     [+] file_vtscore : -1
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 3
     [+] id : 4
     [+] status : 3
     [+] status_str : Deleted
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
     [PUM.Proxy (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings|AutoConfigURL -- -> Deleted
     [+] scan_what : 1
     [+] vendors : PUM.Proxy
     [+] Name : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings|AutoConfigURL
     [+] Type : Registry
     [+] file_vtscore : -1
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 4
     [+] id : 5
     [+] status : 3
     [+] status_str : Deleted
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
     [PUM.Proxy (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings|AutoConfigURL -- -> Deleted
     [+] scan_what : 1
     [+] vendors : PUM.Proxy
     [+] Name : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings|AutoConfigURL
     [+] Type : Registry
     [+] file_vtscore : -1
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 4
     [+] id : 6
     [+] status : 3
     [+] status_str : Deleted
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
     [PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename -- Default Search Engine -> Deleted
     [+] scan_what : 2
     [+] vendors : PUM.SearchEngine
     [+] Name : browser.search.defaultenginename
     [+] value : Default Search Engine
     [+] Type : Browser
     [+] file_vtscore : 0
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 4
     [+] id : 7
     [+] status : 3
     [+] status_str : Deleted
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
     [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine -- Default Search Engine -> Deleted
     [+] scan_what : 2
     [+] vendors : PUM.SearchEngine
     [+] Name : browser.search.selectedEngine
     [+] value : Default Search Engine
     [+] Type : Browser
     [+] file_vtscore : 0
     [+] file_vttotal : 0
     [+] is_malicious : Yes
     [+] detection_level : 4
     [+] id : 8
     [+] status : 3
     [+] status_str : Deleted
     [+] removed : Yes
     [+] status_choice : 2
     [+] malpe_score : -1
  4. About the browser problem, it was exactly what you said; it's back to normal now. Thank you very much! Here is the RogueKiller report:
     Program : RogueKiller Anti-Malware
     Version : 15.1.0.0
     x64 : Yes
     Program Date : Sep 2 2021
     Location : C:\Program Files\RogueKiller\RogueKiller64.exe
     Premium : No
     Company : Adlice Software
     Website : https://www.adlice.com/
     Contact : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 10 (10.0.19043) 64-bit
     64-bit OS : Yes
     Startup : 0
     WindowsPE : No
     User : Guizzle
     User is Admin : Yes
     Date : 2021/09/24 01:02:57
     Type : Scan
     Aborted : No
     Scan Mode : Standard
     Duration : 1493
     Found items : 9
     Total scanned : 69380
     Signatures Version : 20210917_090901
     Truesight Driver : Yes
     Arguments : -minimize
     ************************* Warnings *************************
     ************************* Processes *************************
     ************************* Modules *************************
     ************************* Services *************************
     [PUP.HackTool (Potentially Malicious)] Service KMSELDI (0) -- C:\Program Files\KMSpico\Service_KMS.exe -> Found
     ************************* Scheduled Tasks *************************
     [PUP.HackTool (Potentially Malicious)] \AutoPico Daily Restart -- "C:\Program Files\KMSpico\AutoPico.exe" [/silent] -> Found
     [PUP.HackTool (Potentially Malicious)] \KMSpico Automatic Update Scheduler -- "C:\Program Files\KMSpico\KMSUPD.exe" -> Found
     ************************* Registry *************************
     >>>>>> XX - Software
     └── [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1525340926-1912069763-4131825724-1001\Software\Tencent -- N/A -> Found
     >>>>>> O23 - Services
     └── [PUP.HackTool (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Service KMSELDI -- (missing) -> Found
     >>>>>> R5 - Proxy
     ├── [PUM.Proxy (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings|AutoConfigURL -- http://127.0.0.1:86/ -> Found
     └── [PUM.Proxy (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings|AutoConfigURL -- http://127.0.0.1:86/ -> Found
     ************************* WMI *************************
     ************************* Hosts File *************************
     is_too_big : No
     hosts_file_path : C:\Windows\System32\drivers\etc\hosts
     ************************* Filesystem *************************
     ************************* Web Browsers *************************
     >>>>>> Firefox Config
     ├── [PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename (C:\Users\Guizzle\AppData\Roaming\Mozilla\Firefox\Profiles\v0i3w7es.default-release\prefs.js) -- Default Search Engine -> Found
     └── [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine (C:\Users\Guizzle\AppData\Roaming\Mozilla\Firefox\Profiles\v0i3w7es.default-release\prefs.js) -- Default Search Engine -> Found
     ************************* Antirootkit *************************
  5. Thank you very much for your attention! Another issue has also started happening in the web browsers: I can't access "google.com"; I'll attach the screenshot. Here are the logs:
     # -------------------------------
     # Malwarebytes AdwCleaner 8.3.0.0
     # -------------------------------
     # Build: 06-29-2021
     # Database: 2021-09-09.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 09-23-2021
     # Duration: 00:00:08
     # OS: Windows 10 Pro
     # Cleaned: 12
     # Failed: 0
     ***** [ Services ] *****
     No malicious services cleaned.
     ***** [ Folders ] *****
     Deleted C:\Program Files (x86)\Tencent
     Deleted C:\Users\Guizzle\AppData\Local\Tencent
     Deleted C:\Users\Guizzle\AppData\Roaming\Tencent
     ***** [ Files ] *****
     No malicious files cleaned.
     ***** [ DLL ] *****
     No malicious DLLs cleaned.
     ***** [ WMI ] *****
     No malicious WMI cleaned.
     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.
     ***** [ Tasks ] *****
     No malicious tasks cleaned.
     ***** [ Registry ] *****
     Deleted HKCU\Software\Lavasoft\Web Companion
     Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
     Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
     Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
     Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Wechat
     Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
     Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Wechat
     Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0153A848-39AE-4B04-9010-63C7C7641CEE}
     Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries cleaned.
     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs cleaned.
     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.
     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.
     ***** [ Hosts File Entries ] *****
     No malicious hosts file entries cleaned.
     ***** [ Preinstalled Software ] *****
     No Preinstalled Software cleaned.
     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************
     AdwCleaner[S00].txt - [3966 octets] - [23/09/2021 00:21:27]
     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

     ~ ZHPCleaner v2021.9.21.329 by Nicolas Coolman (2021/09/21)
     ~ Run by Guizzle (Administrator) (23/09/2021 03:49:34)
     ~ Web: https://www.nicolascoolman.com
     ~ Blog: https://nicolascoolman.eu/
     ~ Facebook : https://www.facebook.com/nicolascoolman1
     ~ State version : Version OK
     ~ Type : Repair
     ~ Report : C:\Users\Guizzle\Desktop\ZHPCleaner (R).txt
     ~ Quarantine : C:\Users\Guizzle\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
     ~ System Restore Point : OK
     ~ UAC : Activate
     ~ Boot Mode : Normal (Normal boot)
     Windows 10 Pro, 64-bit (Build 19043)
     ---\\ Alternate Data Stream (ADS). (0)
     ~ No malicious or unnecessary items found.
     ---\\ Services (0)
     ~ No malicious or unnecessary items found.
     ---\\ Browser internet (1)
     DELETED data: [X64] HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser [Bad : 0] =>.SUP.ProxyRestriction
     ---\\ Hosts file (1)
     ~ The hosts file is legitimate (21)
     ---\\ Scheduled automatic tasks. (0)
     ~ No malicious or unnecessary items found.
     ---\\ Explorer ( File, Folder) (15)
     MOVED file: C:\Users\Guizzle\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
     MOVED file: C:\Users\Guizzle\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
     MOVED file: C:\Windows\Temp\SECOH-QAD.exe =>Heuristic.Suspect
     MOVED file: C:\Windows\Prefetch\KMSPICO-SETUP.TMP-18F76AB9.pf =>HackTool.KMSpico
     MOVED file: C:\Windows\Prefetch\KMSPICO-SETUP.TMP-D6D20A61.pf =>HackTool.KMSpico
     MOVED file: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-76DEC696.pf =>HackTool.KMSpico
     MOVED file: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-B45DA915.pf =>HackTool.KMSpico
     MOVED file: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-F35C79A4.pf =>HackTool.KMSpico
     MOVED file: C:\Windows\SECOH-QAD.dll =>HackTool.KMSpico
     MOVED file: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
     MOVED folder: C:\KMSpico Setup =>HackTool.KMSpico
     MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico
     MOVED folder: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
     MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
     MOVED folder: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS
     ---\\ Registry ( Key, Value, Data) (2)
     DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico
     DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSpico Automatic Update Scheduler [] =>HackTool.KMSpico
     ---\\ Summary of the elements found (5)
     https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.ProxyRestriction
     https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
     https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
     https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
     https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
     ---\\ Other deletions. (0)
     ~ Registry Keys Tracing deleted (0)
     ~ Remove the old reports ZHPCleaner. (0)
     ---\\ Result of repair
     ~ Repair carried out successfully
     ~ Google Chrome OK
     ~ Mozilla Firefox OK
     ~ Internet Explorer OK
     ~ The system has been restarted.
     ---\\ Statistics
     ~ Items scanned : 1838
     ~ Items found : 0
     ~ Items cancelled : 0
     ~ Space saving (bytes) : 0
     ~ Items options : 9/17
     ---\\ OPTIONS NOT ACTIVES
     ~ Temporary file analysis
     ~ Temporary folder analysis
     ~ Empty Folder CLSID Analysis
     ~ Empty Other Folder Analysis
     ~ Empty LocalLow Folder Analysis
     ~ Empty Local Folder Analysis
     ~ Obsolete Installer File Analysis
     ~ Start browsers with extensions removed
     ~ End of clean in 00h01mn07s
     ---\\ Reports (2)
     ZHPCleaner-[S]-23092021-02_02_20.txt
     ZHPCleaner-[R]-23092021-03_50_41.txt
  6. The system is somewhat slow, and even though I carry out the necessary recommended actions, "Microsoft Defender" keeps sending notifications. ZA-Scan.txt
  7. It has been almost a week since the notebook last shut down by itself. Thank you very much for your attention!
  8. RogueKiller Anti-Malware V13.0.4.0 (x64) [Oct 30 2018] (Free) by Adlice Software
     mail : https://adlice.com/contact/?utm_campaign=roguekiller&utm_source=soft&utm_medium=btn
     Website : https://adlice.com/download/roguekiller/?utm_campaign=roguekiller&utm_source=soft&utm_medium=btn
     Operating System : Windows 10 (10.0.17134) 64 bits
     Started in : Normal mode
     User : [Administrator]
     Started from : C:\Users\\Desktop\RogueKiller_portable64.exe
     Mode : Standard Scan, Delete -- Date : 2018/10/30 15:13:29 (Duration : 00:26:32)
     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     [Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-AANPD.tmp\corefixer.exe (/norerun) -> Deleted
  9. RogueKiller V12.13.6.0 (x64) [Oct 22 2018] (Free) por Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : https://forum.adlice.com
     Site : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com
     Sistema Operacional : Windows 10 (10.0.17134) 64 bits version
     Iniciou : Modo normal
     Usuário : Guigsz [Administrador]
     Started from : C:\Users\\Desktop\RogueKiller_portable64.exe
     Modo : Escanear -- Data : 10/29/2018 11:29:25 (Duration : 00:41:16)
     ¤¤¤ Processos : 0 ¤¤¤
     ¤¤¤ Registro : 10 ¤¤¤
     [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-760759101-2059298554-4219282298-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://internetbanking.caixa.gov.br/sinbc/#!nb/login -> Encontrado
     [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-760759101-2059298554-4219282298-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://internetbanking.caixa.gov.br/sinbc/#!nb/login -> Encontrado
     [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-760759101-2059298554-4219282298-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10272018113701561\Software\Microsoft\Internet Explorer\Main | Start Page : https://internetbanking.caixa.gov.br/sinbc/#!nb/login -> Encontrado
     [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-760759101-2059298554-4219282298-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10272018113701561\Software\Microsoft\Internet Explorer\Main | Start Page : https://internetbanking.caixa.gov.br/sinbc/#!nb/login -> Encontrado
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 201.6.2.213 201.6.2.94 ([Brazil][-]) -> Encontrado
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3a866e31-4188-4fdb-a46d-85be5d3bde56} | DhcpNameServer : 201.6.2.213 201.6.2.94 ([Brazil][-]) -> Encontrado
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5c0eb0cf-7cea-4780-ac98-316f1b1d919f} | DhcpNameServer : 201.6.2.213 201.6.2.94 ([Brazil][-]) -> Encontrado
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{632220d9-7cdd-4406-8ab5-3c89bd827ad0} | DhcpNameServer : 201.6.2.213 201.6.2.94 ([Brazil][-]) -> Encontrado
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ebe9f106-9339-455f-9da6-db8ca7cab26c} | DhcpNameServer : 201.6.2.213 201.6.2.94 ([Brazil][-]) -> Encontrado
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ff088b87-9d5c-4eb9-908b-47220bd62a09} | DhcpNameServer : 201.6.2.213 201.6.2.94 ([Brazil][-]) -> Encontrado
     ¤¤¤ Tarefas : 1 ¤¤¤
     [Suspicious.Path] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-AANPD.tmp\corefixer.exe (/norerun) -> Encontrado
     ¤¤¤ Arquivos : 0 ¤¤¤
     ¤¤¤ WMI : 0 ¤¤¤
     ¤¤¤ Arquivos de hosts : 0 ¤¤¤
     ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤
     ¤¤¤ Navegadores : 0 ¤¤¤
     ¤¤¤ Verificação da MBR : ¤¤¤
     +++++ PhysicalDrive0: ST320LM001 HN-M320MBB +++++
     --- User ---
     [MBR] 938d9a92ee0fd2b4ec031208c7fe924a
     [BSP] d8684e071be41b2d1f9108af0b50ee78 : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 303913 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 623441920 | Size: 828 MB
     User = LL1 ... OK
     User = LL2 ... OK
  10. Malwarebytes
      www.malwarebytes.com
      -Detalhes de registro-
      Data da análise: 25/10/2018
      Hora da análise: 16:16
      Arquivo de registro: 6c0c2cc2-d88a-11e8-83c4-000000000000.json
      -Informação do software-
      Versão: 3.6.1.2711
      Versão de componentes: 1.0.463
      Versão do pacote de definições: 1.0.7531
      Licença: Versão de Avaliação
      -Informação do sistema-
      Sistema operacional: Windows 10 (Build 17134.345)
      CPU: x64
      Sistema de arquivos: NTFS
      -Resumo da análise-
      Tipo de análise: Análise Customizada
      Análise Iniciada Por: Manual
      Resultado: Concluído
      Objetos verificados: 324652
      Ameaças detectadas: 0
      Ameaças em quarentena: 0
      Tempo decorrido: 5 hr, 17 min, 14 seg
      -Opções da análise-
      Memória: Habilitado
      Inicialização: Habilitado
      Sistema de arquivos: Habilitado
      Arquivos compactados: Habilitado
      Rootkits: Habilitado
      Heurística: Habilitado
      PUP: Detectar
      PUM: Detectar
      -Detalhes da análise-
      Processo: 0 (Nenhum item malicioso detectado)
      Módulo: 0 (Nenhum item malicioso detectado)
      Chave de registro: 0 (Nenhum item malicioso detectado)
      Valor de registro: 0 (Nenhum item malicioso detectado)
      Dados de registro: 0 (Nenhum item malicioso detectado)
      Fluxo de dados: 0 (Nenhum item malicioso detectado)
      Pasta: 0 (Nenhum item malicioso detectado)
      Arquivo: 0 (Nenhum item malicioso detectado)
      Setor físico: 0 (Nenhum item malicioso detectado)
      Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado)
      (end)

      # -------------------------------
      # Malwarebytes AdwCleaner 7.2.4.0
      # -------------------------------
      # Build: 09-25-2018
      # Database: 2018-10-23.1 (Cloud)
      # Support: https://www.malwarebytes.com/support
      #
      # -------------------------------
      # Mode: Clean
      # -------------------------------
      # Start: 10-25-2018
      # Duration: 00:00:10
      # OS: Windows 10 Pro
      # Cleaned: 5
      # Failed: 0
      ***** [ Services ] *****
      No malicious services cleaned.
      ***** [ Folders ] *****
      Deleted C:\_acestream_cache_
      Deleted C:\AppData\Roaming\.acestream
      ***** [ Files ] *****
      No malicious files cleaned.
      ***** [ DLL ] *****
      No malicious DLLs cleaned.
      ***** [ WMI ] *****
      No malicious WMI cleaned.
      ***** [ Shortcuts ] *****
      No malicious shortcuts cleaned.
      ***** [ Tasks ] *****
      No malicious tasks cleaned.
      ***** [ Registry ] *****
      Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8EA5388C-415B-4C33-9398-12073072E292}C:\users\Guigsz\appdata\roaming\soda player\acestream\engine\ace_engine.exe
      Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{2A9EA8B5-AE70-4585-BA05-06AC14188ABC}C:\users\Guigsz\appdata\roaming\soda player\acestream\engine\ace_engine.exe
      ***** [ Chromium (and derivatives) ] *****
      No malicious Chromium entries cleaned.
      ***** [ Chromium URLs ] *****
      Deleted Ask Brasil
      ***** [ Firefox (and derivatives) ] *****
      No malicious Firefox entries cleaned.
      ***** [ Firefox URLs ] *****
      No malicious Firefox URLs cleaned.
      *************************
      [+] Delete Tracing Keys
      [+] Reset Winsock
      *************************
      AdwCleaner[S00].txt - [1857 octets] - [25/10/2018 23:10:29]
      ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

      ~ ZHPCleaner v2018.10.19.185 by Nicolas Coolman (2018/10/19)
      ~ Run by (Administrator) (26/10/2018 00:28:15)
      ~ Web: https://www.nicolascoolman.com
      ~ Blog: https://nicolascoolman.eu/
      ~ Facebook : https://www.facebook.com/nicolascoolman1
      ~ State version : Version OK
      ~ Certificate ZHPCleaner: Legal
      ~ Type : Repair
      ~ Report : C:\Users\\Desktop\ZHPCleaner.txt
      ~ Quarantine : C:\Users\\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
      ~ UAC : Deactivate
      ~ Boot Mode : Normal (Normal boot)
      Windows 10 Pro, 64-bit (Build 17134)
      ---\\ Alternate Data Stream (ADS). (0)
      ~ No malicious or unnecessary items found.
      ---\\ Services (0)
      ~ No malicious or unnecessary items found.
      ---\\ Browser internet (0)
      ~ No malicious or unnecessary items found.
      ---\\ Hosts file (1)
      ~ The hosts file is legitimate (24)
      ---\\ Scheduled automatic tasks. (0)
      ~ No malicious or unnecessary items found.
      ---\\ Explorer ( File, Folder) (4)
      MOVED file: C:\Windows\SECOH-QAD.dll =>HackTool.KMSpico
      MOVED file: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico
      MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico
      MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
      ---\\ Registry ( Key, Value, Data) (0)
      ~ No malicious or unnecessary items found.
      ---\\ Summary of the elements found (1)
      https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
      ---\\ Other deletions. (5)
      ~ Registry Keys Tracing deleted (5)
      ~ Remove the old reports ZHPCleaner. (0)
      ---\\ Result of repair
      ~ Repair carried out successfully
      ---\\ Statistics
      ~ Items scanned : 3228
      ~ Items found : 0
      ~ Items cancelled : 0
      ~ Items options : 0/7
      ~ Space saving (bytes) : 0
      ~ End of clean in 00h00mn15s
      ---\\ Reports (2)
      ZHPCleaner--25102018-23_42_23.txt
      ZHPCleaner-[R]-26102018-00_28_30.txt
  11. My Positivo notebook has been shutting down by itself every now and then, out of nowhere, at least once every two days. It depends entirely on the power adapter, since the battery hasn't worked in years. ZA-Scan.txt
