
celosvas

Junior Member
  • Posts: 9
  • Joined
  • Last visited

Reputation: 0
  1. @Elias Pereira Thank you so much for the help. I use Windows 7 because of games, but I'm going back to 10 now, precisely for security. Thanks a lot, man!
  2. @Elias Pereira I had removed WarSaw yesterday; I'll paste yesterday's report too, ok?

     RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
     mail : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
     Started in : Normal mode
     User : ari [Administrator]
     Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
     Signatures : 20210426_080854, Driver : Loaded
     Mode : Standard Scan, Delete -- Date : 2021/04/29 00:25:46 (Duration : 00:11:01)
     Switches : -minimize

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     [Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\Windows\TEMP\is-6BH2A.tmp\corefixer.exe (/norerun) -> Deleted

     RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
     mail : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
     Started in : Normal mode
     User : ari [Administrator]
     Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
     Signatures : 20210426_080854, Driver : Loaded
     Mode : Standard Scan, Delete -- Date : 2021/04/29 11:20:11 (Duration : 00:10:34)
     Switches : -minimize

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     [Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|USB Gamepad -- [%SystemRoot%\USB] -> Deleted
  3. @Elias Pereira

     RogueKiller Anti-Malware V14.8.6.0 (x64) [Mar 24 2021] (Free) by Adlice Software
     mail : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
     Started in : Normal mode
     User : ari [Administrator]
     Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
     Signatures : 20210426_080854, Driver : Loaded
     Mode : Standard Scan, Scan -- Date : 2021/04/29 00:10:09 (Duration : 00:11:01)
     Switches : -minimize

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     [Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\Windows\TEMP\is-6BH2A.tmp\corefixer.exe [/norerun] -> Found

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     >>>>>> O4 - Run
     [Suspicious.Path (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run|USB Gamepad -- C:\Windows\USB Vibration\dr100&110\USB Gamepad.exe -boot (missing) -> Found

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
  4. Hi Elias, good evening. Thank you very much for the reply, and sorry for taking so long to respond; I took a short trip on Sunday, but I'm back now and have started the removal process you mentioned. I'll paste the AdwCleaner LOG below:

     # -------------------------------
     # Malwarebytes AdwCleaner 8.2.0.0
     # -------------------------------
     # Build: 03-22-2021
     # Database: 2021-04-20.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 04-27-2021
     # Duration: 00:00:01
     # OS: Windows 7 Ultimate
     # Cleaned: 0
     # Failed: 0

     ***** [ Services ] *****
     No malicious services cleaned.

     ***** [ Folders ] *****
     No malicious folders cleaned.

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     No malicious tasks cleaned.

     ***** [ Registry ] *****
     No malicious registry entries cleaned.

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries cleaned.

     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs cleaned.

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.

     ***** [ Hosts File Entries ] *****
     No malicious hosts file entries cleaned.

     ***** [ Preinstalled Software ] *****
     No Preinstalled Software cleaned.

     *************************
     [+] Delete IFEO
     [+] Delete Prefetch
     [+] Delete Tracing Keys
     [+] Reset BITS
     [+] Reset Windows Firewall
     [+] Reset Hosts File
     [+] Reset IPSec
     [+] Reset Chromium Policies
     [+] Reset Proxy Settings
     [+] Reset TCP/IP
     [+] Reset Winsock
     *************************

     AdwCleaner[C01].txt - [1732 octets] - [25/04/2021 12:36:31]
     AdwCleaner[S00].txt - [1470 octets] - [27/04/2021 19:09:34]

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

     ZHPCleaner LOG:

     ~ ZHPCleaner v2021.4.24.292 by Nicolas Coolman (2021/04/24)
     ~ Run by ari (Administrator) (27/04/2021 20:57:02)
     ~ Web: https://www.nicolascoolman.com
     ~ Blog: https://nicolascoolman.eu/
     ~ Facebook : https://www.facebook.com/nicolascoolman1
     ~ State version :
     ~ Type : Repair
     ~ Report : C:\Users\ari\Desktop\ZHPCleaner (R).txt
     ~ Quarantine : C:\Users\ari\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
     ~ System Restore Point :
     ~ UAC : Activate
     ~ Boot Mode : Normal (Normal boot)
     Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

     ---\\ Alternate Data Stream (ADS). (0)
     ~ No malicious or unnecessary items found.

     ---\\ Services (0)
     ~ No malicious or unnecessary items found.

     ---\\ Browser internet (0)
     ~ No malicious or unnecessary items found.

     ---\\ Hosts file (1)
     ~ The hosts file is legitimate (40)

     ---\\ Scheduled automatic tasks. (0)
     ~ No malicious or unnecessary items found.

     ---\\ Explorer ( File, Folder) (4)
     MOVED file: C:\Users\ari\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
     MOVED folder: C:\Users\ari\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
     MOVED folder: C:\Users\ari\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
     MOVED folder: C:\Users\ari\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome

     ---\\ Registry ( Key, Value, Data) (6)
     DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{979A70FF-2430-4CDA-84C0-3773E07FDAA0}\\DhcpNameServer [Bad : 181.213.132.2 181.213.132.3] =>Hijacker.Browser
     DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 181.213.132.2 181.213.132.3] =>Hijacker.Browser
     DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\program files (x86)\cyber hunter\bin\client.exe [client.exe] =>.SUP.Orphan.MUICache
     DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\program files (x86)\cyber hunter\bin\ccmini\ccmini.exe [CC直播内置语音] =>.SUP.Orphan.MUICache
     DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\program files (x86)\steam\steam.exe [Steam] =>.SUP.Orphan.MUICache
     DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe [Smite] =>.SUP.Orphan.MUICache

     ---\\ Summary of the elements found (4)
     https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
     https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Chrome
     https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
     https://nicolascoolman.eu/forum/Topic/orphan-muicache-logiciel-potentiellement-superflu-lps/ =>.SUP.Orphan.MUICache

     ---\\ Other deletions. (2)
     ~ Registry Keys Tracing deleted (0)
     ~ Remove the old reports ZHPCleaner. (2)

     ---\\ Result of repair
     ~ Repair carried out successfully
     ~ Google Chrome OK
     ~ Internet Explorer OK

     ---\\ Statistics
     ~ Items scanned : 1028
     ~ Items found : 0
     ~ Items cancelled : 0
     ~ Space saving (bytes) : 0
     ~ Items options : 16/17

     ---\\ OPTIONS NOT ACTIVES
     ~ Start browsers with extensions removed

     ~ End of clean in 00h00mn11s

     ---\\ Reports (4)
     ZHPCleaner-[R]-25042021-13_58_45.txt
     ZHPCleaner-[S]-25042021-13_58_12.txt
     ZHPCleaner-[S]-27042021-20_56_19.txt
     ZHPCleaner-[R]-27042021-20_57_13.txt
  5. I was infected by these viruses: Virus Seabrook.exe and haleng.exe, and now, after removing it, I noticed that my Instagram account is publishing posts automatically. I changed all my passwords and re-enabled two-factor login, but I still don't feel safe. Can you help me with the removal? zoek-results.log
  6. Yes, I already have. Hidden folders and files are being shown, but the files cannot be found. Even so, every time I turn on the PC, the startup entries in the system go back to being enabled. I deleted the keys in the Registry Editor, but I'm afraid these files are still on the computer.
  7. Folks, I have these two unknown programs starting with Windows. I don't recognize the programs and didn't install them, and they also don't show up in Uninstall Programs, nor are they detected by antivirus software. I tried MalwareBytes and, although it found several virus files and removed them all, these programs won't leave startup. Can you help me remove them? I use Windows 7. I'm attaching a MalwareBytes report; it seems some files could not be removed and, from what I understood, Google Chrome was also infected, since I had to reinstall it. Below is a screenshot of MSCONFIG. Thanks in advance. relatório malwarebytes.txt
