BruninGott

Junior Members
  • Total items

    4
  1. @Elias Pereira Good afternoon, my dear, here is the new log:

     RogueKiller Anti-Malware V13.5.7.0 (x64) [Nov 20 2019] (Free) by Adlice Software
     mail : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 10 (10.0.18362) 64 bits
     Started in : Normal mode
     User : gottm [Administrator]
     Started from : C:\Users\gottm\Downloads\RogueKiller_portable64.exe
     Signatures : 20191203_134524, Driver : Loaded
     Mode : Standard Scan, Scan -- Date : 2019/12/04 13:19:19 (Duration : 00:19:27)

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
  2. @Elias Pereira Here is the RogueKiller log:

     RogueKiller Anti-Malware V13.5.7.0 (x64) [Nov 20 2019] (Free) by Adlice Software
     mail : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 10 (10.0.18362) 64 bits
     Started in : Normal mode
     User : gottm [Administrator]
     Started from : C:\Users\gottm\Downloads\RogueKiller_portable64.exe
     Signatures : 20191203_134524, Driver : Loaded
     Mode : Standard Scan, Scan -- Date : 2019/12/03 18:45:45 (Duration : 00:18:06)

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     >>>>>> O87 - Firewall
     [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{96595521-B6ED-4DF4-8C71-A8FFF6EBF8EB}C:\users\gottm\appdata\roaming\jwrapper-maptool\jwrapper-windows64jre-00053600256-complete\bin\java.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\gottm\appdata\roaming\jwrapper-maptool\jwrapper-windows64jre-00053600256-complete\bin\java.exe|Name=java.exe|Desc=java.exe|Defer=User| (C:\users\gottm\appdata\roaming\jwrapper-maptool\jwrapper-windows64jre-00053600256-complete\bin\java.exe) (missing) -> Found
     [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{D4CA48AA-C29F-4DB9-8207-7D9B799FAB58}C:\users\gottm\appdata\roaming\jwrapper-maptool\jwrapper-windows64jre-00053600256-complete\bin\java.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\gottm\appdata\roaming\jwrapper-maptool\jwrapper-windows64jre-00053600256-complete\bin\java.exe|Name=java.exe|Desc=java.exe|Defer=User| (C:\users\gottm\appdata\roaming\jwrapper-maptool\jwrapper-windows64jre-00053600256-complete\bin\java.exe) (missing) -> Found

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     >>>>>> Firefox Addon
     [PUP.AmazonAssistant (Potentially Malicious)] Amazon Assistant for Firefox (C:\Users\gottm\AppData\Roaming\Mozilla\Firefox\Profiles\x1hkqxq9.default\extensions\abb-acer@amazon.com) -- abb-acer@amazon.com -> Found
  3. @Elias Pereira Good afternoon, my friend! The result logs follow below:

     *Mbam*

     Malwarebytes
     www.malwarebytes.com

     -Detalhes do Relatório-
     Data da análise: 02/12/2019
     Hora da análise: 23:04
     Arquivo de relatório: 4dcc5a96-1571-11ea-a231-fc4596f7a77a.json

     -Informações do Software-
     Versão: 4.0.4.49
     Versão de componentes: 1.0.764
     Versão do pacote de definições: 1.0.15658
     Licença: Versão de Avaliação

     -Informações do Sistema-
     Sistema operacional: Windows 10 (Build 18362.476)
     CPU: x64
     Sistema de arquivos: NTFS
     Usuário: LAPTOP-BLAU48OR\gottm

     -Resumo da Análise-
     Tipo de análise: Análise Customizada
     Análise Iniciada Por: Manual
     Resultado: Concluída
     Objetos verificados: 576197
     Ameaças detectadas: 5
     Ameaças em quarentena: 5
     Tempo decorrido: 5 hr, 0 min, 13 seg

     -Opções da Análise-
     Memória: Habilitado
     Inicialização: Habilitado
     Sistema de arquivos: Habilitado
     Arquivos compactados: Habilitado
     Rootkits: Habilitado
     Heurística: Habilitado
     Programa Potencialmente Indesejado: Detetar
     PUM: Detetar

     -Detalhes da Análise-
     Processo: 0 (Nenhum item malicioso detectado)
     Módulo: 0 (Nenhum item malicioso detectado)
     Chave de registro: 0 (Nenhum item malicioso detectado)
     Valor de registro: 0 (Nenhum item malicioso detectado)
     Dados de registro: 0 (Nenhum item malicioso detectado)
     Fluxo de dados: 0 (Nenhum item malicioso detectado)
     Pasta: 0 (Nenhum item malicioso detectado)
     Arquivo: 5
     MachineLearning/Anomalous.100%, C:\ADWCLEANER\QUARANTINE\V1\20190604.183643\14\ONESYSTEMCARE\CLEANUPCONSOLE.EXE#B552BE0987FC8019, Quarentena, 0, 392687, 1.0.15658, , shuriken,
     Adware.Adposhel, C:\ADWCLEANER\QUARANTINE\V1\20190604.183643\14\ONESYSTEMCARE\AOTZE.DLL#A56E20E2ECDED1C1, Quarentena, 520, 689068, 1.0.15658, CB6A042242915E024917AF5D, dds, 00483812
     Adware.Adposhel, C:\ADWCLEANER\QUARANTINE\V1\20190604.183643\14\ONESYSTEMCARE\ONESYSTEMCARE.EXE#68576A7A6447D1B5, Quarentena, 520, 689061, 1.0.15658, , ame,
     Trojan.Crypt, C:\ADWCLEANER\QUARANTINE\V1\20190604.183643\28\3560378944911365089\DESKTOP_MEDIA_SERVICE.EXE#F903FFD946D96B16, Quarentena, 4131, 676064, 1.0.15658, , ame,
     Adware.Adposhel, C:\ADWCLEANER\QUARANTINE\V1\20190604.183643\28\3560378944911365089\WATCHDOG.EXE#0738216E43C37EC8, Quarentena, 520, 676472, 1.0.15658, 49AC6C126C9539D1C208B0E7, dds, 00483812
     Setor físico: 0 (Nenhum item malicioso detectado)
     Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado)

     (end)

     AdwCleaner

     # -------------------------------
     # Malwarebytes AdwCleaner 7.4.2.0
     # -------------------------------
     # Build: 10-21-2019
     # Database: 2019-11-26.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 12-03-2019
     # Duration: 00:00:49
     # OS: Windows 10 Home Single Language
     # Cleaned: 22
     # Failed: 0

     ***** [ Services ] *****
     No malicious services cleaned.

     ***** [ Folders ] *****
     No malicious folders cleaned.

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     No malicious tasks cleaned.

     ***** [ Registry ] *****
     Deleted HKLM\Software\Wow6432Node\Jetmedia

     ***** [ Chromium (and derivatives) ] *****
     Deleted Amazon Assistant for Chrome

     ***** [ Chromium URLs ] *****
     Deleted animeshouse.net

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.

     ***** [ Preinstalled Software ] *****
     Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
     Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
     Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
     Deleted Preinstalled.AcerConfigurationManager Folder C:\Program Files (x86)\ACER\AMUNDSEN\2.1.16258
     Deleted Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C485F27F-468A-480D-AE8D-074B346B9395}
     Deleted Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCMUpdateTask2.1.16258
     Deleted Preinstalled.AcerConfigurationManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258}
     Deleted Preinstalled.AcerConfigurationManager Task C:\Windows\System32\Tasks\ACERCMUPDATETASK2.1.16258
     Deleted Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
     Deleted Preinstalled.AcerJumpstart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8B441B85-0AFA-4EB3-A756-A47453481D2D}
     Deleted Preinstalled.AcerPortal Folder C:\ProgramData\ACER\ACER PORTAL
     Deleted Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E055E234-0FB7-4FBF-9E28-8C4767967675}
     Deleted Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCF8D3AE-0256-46A0-9311-C6573F03C203}
     Deleted Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCloud
     Deleted Preinstalled.AcerPortal Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MonitorAcerPortal
     Deleted Preinstalled.AcerPortal Task C:\Windows\System32\Tasks\ACERCLOUD
     Deleted Preinstalled.AcerPortal Task C:\Windows\System32\Tasks\MONITORACERPORTAL
     Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
     Deleted Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}

     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************

     AdwCleaner[S00].txt - [5317 octets] - [04/06/2019 18:36:26]
     AdwCleaner[C00].txt - [4841 octets] - [04/06/2019 18:36:50]
     AdwCleaner[S01].txt - [1388 octets] - [04/06/2019 19:31:55]
     AdwCleaner[C01].txt - [1574 octets] - [04/06/2019 19:32:11]
     AdwCleaner_Debug.log - [27150 octets] - [03/12/2019 12:19:35]
     AdwCleaner[S02].txt - [3969 octets] - [03/12/2019 12:21:05]

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

     ZHPCleaner Report

     ~ ZHPCleaner v2019.12.2.161 by Nicolas Coolman (2019/12/02)
     ~ Run by gottm (Administrator) (03/12/2019 12:59:57)
     ~ Web: https://www.nicolascoolman.com
     ~ Blog: https://nicolascoolman.eu/
     ~ Facebook : https://www.facebook.com/nicolascoolman1
     ~ State version : Version OK
     ~ Certificate ZHPCleaner: Legal
     ~ Type : Repair
     ~ Report : C:\Users\gottm\Desktop\ZHPCleaner (R).txt
     ~ Quarantine : C:\Users\gottm\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
     ~ UAC : Activate
     ~ Boot Mode : Normal (Normal boot)
     Windows 10 Home Single Language, 64-bit (Build 18362)

     ---\ Alternate Data Stream (ADS). (0)
     ~ No malicious or unnecessary items found. (ADS)

     ---\ Services (0)
     ~ No malicious or unnecessary items found. (Service)

     ---\ Browser internet (0)
     ~ No malicious or unnecessary items found. (Browser)

     ---\ Hosts file (1)
     ~ The hosts file is legitimate (21)

     ---\ Scheduled automatic tasks. (0)
     ~ No malicious or unnecessary items found. (Task)

     ---\ Explorer ( File, Folder) (3)
     MOVED file: C:\Users\gottm\Desktop\µTorrent.lnk [Bad : C:\Users\gottm\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
     MOVED file: C:\Users\gottm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [Bad : C:\Users\gottm\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
     MOVED file: C:\Users\gottm\Downloads\uTorrent.exe [BitTorrent Inc. - µTorrent] =>BitTorrent (P2P)

     ---\ Registry ( Key, Value, Data) (10)
     DELETED key*: HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5} [AdditionalScan 359] =>PUP.Optional.Legacy
     DELETED key**: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5} [AdditionalScan 506] =>PUP.Optional.Legacy
     DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
     DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474} [IMyOverlayIcon] =>PUP.Optional.Legacy
     DELETED key*: [X64] HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL [] =>PUP.Optional.BonanzaDeals
     DELETED key*: [X64] HKLM\SOFTWARE\Classes\Installer\Products\3B8D19A4F21751842BB96E0100C87440 [NativeDesktopMediaService] =>PUP.Optional.Jetmedia
     DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\307D253A70CB21E43A4374E451D0A397 [02:\Software\Jetmedia\NativeDesktopMediaService\Path (Not File)] =>PUP.Optional.Jetmedia
     DELETED key**: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\OverlayIcon.DLL [] =>PUP.Optional.BonanzaDeals
     DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474} [IMyOverlayIcon] =>PUP.Optional.Legacy
     DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A91D8B3-712F-4815-B29B-E610008C4704} [Jetmedia] =>PUP.Optional.Jetmedia

     ---\ Summary of the elements found (4)
     https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
     https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Legacy
     https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.BonanzaDeals
     https://nicolascoolman.eu/2019/05/22/pup-optional-jetmedia/ =>PUP.Optional.Jetmedia

     ---\ Other deletions. (7)
     ~ Registry Keys Tracing deleted (7)
     ~ Remove the old reports ZHPCleaner. (0)

     ---\ Result of repair
     ~ Repair carried out successfully
     ~ Google Chrome OK
     ~ Mozilla Firefox OK
     ~ Internet Explorer OK
     ~ Opera OK

     ---\ Statistics
     ~ Items scanned : 1381
     ~ Items found : 0
     ~ Items cancelled : 0
     ~ Items options : 6/13
     ~ Space saving (bytes) : 0
     ~ End of clean in 00h00mn20s

     ---\ Reports (2)
     ZHPCleaner--03122019-12_49_09.txt
     ZHPCleaner-[R]-03122019-13_00_17.txt

     ZHPCleaner report End

     Thank you, and I hope I did everything correctly, as instructed above.
  4. ZA-Scan.txt

     Good afternoon,

     Every time I use the browser, it does not respond properly to clicks. It always opens new tabs, on YouTube I cannot watch anything in full screen, and outside the browser I have been having problems with the computer's responsiveness. The last time I went to shut down, the Start menu had its names swapped and scrambled.
