
viniciusjf

Full Members
  • Total items: 178
  • Reputation: 6
  • City and state: Minas Gerais
  1. Good morning. The problem seems to be solved. I disabled Panda USB Vaccine and copied files to the flash drive, and nothing happened. Thank you very much, everyone.
  2. Zemana AntiMalware 2.74.2.150 (instalado)
     -------------------------------------------------------
     Scan Result : Concluído
     Scan Date : 2018/8/22
     Operating System : Windows 7 64-bit
     Processor : 4X AMD Athlon(tm) II X4 630 Processor
     BIOS Mode : Legacy
     CUID : 12FA4A1331E7386F1CFA1D
     Scan Type : Análise do Sistema
     Duration : 2m 8s
     Scanned Objects : 56014
     Detected Objects : 0
     Excluded Objects : 0
     Read Level : SCSI
     Auto Upload : Activado
     Detect All Extensions : Desactivado
     Scan Documents : Desactivado
     Domain Info : WORKGROUP,0,2

     Detected Objects
     -------------------------------------------------------
     Não foram detectadas ameaças
  4. This piece of junk hmaster just won't go away no matter what!
  6. Good evening. One question: during any of these new steps, does the flash drive that had the problem need to be plugged into the PC?
  7. Here is the new resulting log.
     C:\Users\Vinicius\AppData\Local\Temp\3380822_hmaster.vbs VBS/Kryptik.AU trojan cleaned by deleting (after the next restart)
     C:\Users\Vinicius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3380822_hmaster.vbs VBS/Kryptik.AU trojan cleaned by deleting
     E:\3380822_hmaster.vbs VBS/Kryptik.AU trojan cleaned by deleting
  8. Good evening. Here is the list. Thanks in advance. Edit: I noticed that after running the program, an autorun.inf became visible on my flash drive, which I could not delete, and after I formatted it to exFAT the problem came back (files turned into shortcuts). In that case I would like to add a question: does Panda USB Vaccine only work with the device in FAT32?
  9. Good afternoon. Gentlemen, I apologize in advance for creating the topic without following one of the forum's basic instructions for this, but I had a problem: when I tried to run ZA-Scan (zoek), nothing happened. I don't use antivirus and I disabled the firewall, but even so the program apparently did not run and no log or folder was generated (I searched the system). My problem is that virus that turns the flash drive's folders and files into shortcuts; even without using antivirus I had never caught it, until I used the flash drive on a professor's notebook... I formatted the flash drive, but it didn't help, so I suppose the virus is on my machine. Another question: if I use this flash drive on my TV, can I harm the device in some way? Given the problem, I ask for your help. Thanks in advance.
  10. I ran the test and apparently not much changed. The blue screens have let up, but the freezes and graphical bugs are still constant.
  11. But if I uninstall Flash Player, won't videos and images on sites stop opening?
  12. I use Windows 7 32-bit. Today I downloaded the AMD driver recommended by the site's detection program, but it seems to be the same, sometimes even worse. If I go to upload a photo on Facebook or WhatsApp Web, for example, it freezes a bit and a bunch of glitches show up on the screen, it goes kind of black, that sort of thing. I suspect it is something related to the video plugin, this piece of junk Adobe Flash Player, because it keeps giving error and blocking warnings. I have already tried countless alternatives for this and that didn't solve it either.
  13. Good evening. My current configuration is as follows: CONFIGURATION: Processor: AMD Athlon II X4 630 Black Series. Motherboard: A790GXM-AD3 Black Series. Memory: Kingston 8 GB DDR3 1333 MHz PC3-10600 - Desktop. POWER SUPPLY: Corsair CX Series 430 Watts. Video card: Radeon R7 260X. For some months I have noticed that my PC has been showing many graphics performance problems, especially when I use browsers (in all of them, I have already tried switching). It stutters when scrolling the page, images don't load or load glitched, Firefox and Chrome freeze fairly often, and blue screens also happen with relative frequency (I have a photo of the screen if it is relevant), always when opening web pages or switching between tabs, almost never in games. The memory and the video card in the configuration are new, I bought them in the last 3 or 4 months, but before that it wasn't much different. I am afraid it is something related to video drivers, even though I installed them correctly, but I am a layman and don't know how to investigate the problem. I ask for your help to solve the problem. Thanks in advance.

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
