Paulo José Lima Gomes

Junior Member
  • Posts: 4
  • Joined
  • Last visit
  • Ratings: 0%
  1. Elias, good morning. I was able to follow all the steps without problems! Thank you very much! One last question: the programs I downloaded and ran, can I or do I have to delete them? Do they cause any conflict with the antivirus? Thanks again!
  2. [code]
     HitmanPro 3.8.23.318
     www.hitmanpro.com

     Computer name . . . . : DESKTOP-3S8GVID
     Windows . . . . . . . : 10.0.0.19041.X64/12
     User name . . . . . . : DESKTOP-3S8GVID\Paulo José
     UAC . . . . . . . . . : Enabled
     License . . . . . . . : Trial (32 days left)

     Scan date . . . . . . : 2021-07-20 21:25:39
     Scan mode . . . . . . : Normal
     Scan duration . . . . : 6m 15s
     Disk access mode . . : Direct disk access (SRB)
     Cloud . . . . . . . . : Internet
     Reboot . . . . . . . : Yes

     Threats . . . . . . . : 0
     Traces . . . . . . . : 3

     Objects scanned . . . : 2.545.451
     Files scanned . . . . : 107.162
     Remnants scanned . . : 1.063.374 files / 1.374.915 keys

     Potential Unwanted Programs _________________________________________________

     HKLM\SOFTWARE\Classes\WOW6432Node\CLSID\{11E7B631-8B1D-48e5-81B8-C2C15F39711A}\ (Simplitec) -> Deleted
     HKU\S-1-5-21-434320210-4153841087-3939950232-1003\SOFTWARE\Classes\WOW6432Node\CLSID\{11E7B631-8B1D-48e5-81B8-C2C15F39711A}\ (Simplitec) -> Deleted
     HKU\S-1-5-21-434320210-4153841087-3939950232-1003_Classes\WOW6432Node\CLSID\{11E7B631-8B1D-48e5-81B8-C2C15F39711A}\ (Simplitec) -> PendingDelete
     [/code]
  3. Hello Elias, thanks for getting back to me. Here is the requested content:

     RogueKiller Anti-Malware V15.0.8.0 (x64) [Jul 13 2021] (Premium) by Adlice Software
     mail : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 10 (10.0.19041) 64-bit
     Started in : Normal mode
     User : Paulo José [Administrator]
     Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
     Signatures : 20210717_162602, Driver : Loaded
     Mode : Standard Scan, Scan -- Date : 2021/07/20 15:00:04 (Duration : 00:03:58)
     Switches : -minimize

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     [Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\Windows\TEMP\is-QLL3F.tmp\corefixer.exe [/norerun] -> Found

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
  4. Good morning everyone, yesterday Windows Defender detected these two viruses, tiggre!rfn and occamy.c02. I searched posts here and have already followed some steps, but I would like to be sure whether they have really been removed or whether I am still exposed. I will post the results of the programs I ran:

     MALWAREBYTES:

     -Detalhes do Relatório-
     Data da análise: 20/07/2021
     Hora da análise: 02:11
     Arquivo de relatório: e54a77fa-e918-11eb-97b6-54bf64118e77.json

     -Informações do Software-
     Versão: 4.4.3.125
     Versão de componentes: 1.0.1387
     Versão do pacote de definições: 1.0.43295
     Licença: Versão de Avaliação

     -Informações do Sistema-
     Sistema operacional: Windows 10 (Build 19041.1110)
     Processador: x64
     Sistema de arquivos: NTFS
     Usuário: System

     -Resumo da Análise-
     Tipo de análise: Análise de Ameaças
     Análise Iniciada Por: Agendamento
     Resultado: Concluída
     Objetos verificados: 312170
     Ameaças detectadas: 7
     Ameaças em quarentena: 0
     Tempo decorrido: 3 min, 20 seg

     -Opções da Análise-
     Memória: Habilitado
     Inicialização: Habilitado
     Sistema de arquivos: Habilitado
     Arquivos compactados: Habilitado
     Rootkits: Desabilitado
     Heurística: Habilitado
     Programa Potencialmente Indesejado: Detetar
     PUM (modificação potencialmente indesejada): Detetar

     -Detalhes da Análise-
     Processo: 0
     (Nenhum item malicioso detectado)

     Módulo: 0
     (Nenhum item malicioso detectado)

     Chave de registro: 0
     (Nenhum item malicioso detectado)

     Valor de registro: 0
     (Nenhum item malicioso detectado)

     Dados de registro: 0
     (Nenhum item malicioso detectado)

     Fluxo de dados: 0
     (Nenhum item malicioso detectado)

     Pasta: 0
     (Nenhum item malicioso detectado)

     Arquivo: 7
     Trojan.BitCoinMiner, C:\Windows\SYSTEM\CHROME.EXE, Nenhuma ação pelo usuário, 595, 805507, 1.0.43295, 2A61ECB47E4A4158D704EA88, dds, 01340855, AAFB7AE8EF7BB245ADC62A4E503705B7, A3D6D887CDAFE6E5A7376E92DF9925EF7473246679E498365E1F82F0FE4BCCE7
     Trojan.BitCoinMiner, C:\PROGRAM FILES\Windows NT\CHROME.EXE, Nenhuma ação pelo usuário, 595, 805507, 1.0.43295, 2A61ECB47E4A4158D704EA88, dds, 01340855, AAFB7AE8EF7BB245ADC62A4E503705B7, A3D6D887CDAFE6E5A7376E92DF9925EF7473246679E498365E1F82F0FE4BCCE7
     Trojan.BitCoinMiner, C:\Windows\SYSTEM\CONFIG.JSON, Nenhuma ação pelo usuário, 595, 586609, 1.0.43295, , ame, , F649EC39090EB8D4A6F9FF4DC051FE19, 268F2C92076FDF332FA16CD32CF3CC2D5EC3CBA39126312D0C12B6816754EF99
     Trojan.BitCoinMiner, C:\Windows\SYSTEM\INIT.EXE, Nenhuma ação pelo usuário, 595, 817458, 1.0.43295, 18FBC260C751C3F94BD8185A, dds, 01340855, 0D3E288F155EC31EFA2C3B598AC4066A, 7F56EDA165AE227303A8F4985129FFD4DA16CEB7C174C1029FD8C9F7008750E9
     Malware.AI.4286530622, C:\Windows\SYSTEM\KMR.EXE, Nenhuma ação pelo usuário, 1000000, 0, 1.0.43295, 6506351881A98713FF7F443E, dds, 01340855, C63C5EAFC72033736C82D52F5384FC11, 024A9609A381E9981634AB4068338C425CF94FA90558797BFB8BDD7FC18CF345
     Malware.AI.1306919357, C:\Windows\SYSTEM\KMSAUTO-X64.EXE, Nenhuma ação pelo usuário, 1000000, 0, 1.0.43295, 2AC1F9096D8E92034DE601BD, dds, 01340855, AAACBBC58A78FFCC674AFEEC04069D3D, 92F154A1E3FDBC25EB3FE28DB00BACB50021118FA3C324CF96A4E1DF19820974
     Trojan.Agent.UPX.Generic, C:\Windows\SYSTEM\LOOP.EXE, Nenhuma ação pelo usuário, 12571, 591831, 1.0.43295, 8CBCCB94F698CDA5D9FB0855, dds, 01340855, EA0FC73F0BD3DF942FE9490161E3C964, 0EBE9744BE5BDA97E5B879DE1A545BE04D65BC5EA2F40E63B74E5FE561408DBA

     Setor físico: 0
     (Nenhum item malicioso detectado)

     Instrumentação do Windows (WMI): 0
     (Nenhum item malicioso detectado)

     (end)

     ADWCLEANER:

     # -------------------------------
     # Malwarebytes AdwCleaner 8.3.0.0
     # -------------------------------
     # Build: 06-29-2021
     # Database: 2021-06-29.1 (Local)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 07-20-2021
     # Duration: 00:00:02
     # OS: Windows 10 Home
     # Cleaned: 17
     # Awaiting reboot:4
     # Failed: 0

     ***** [ Services ] *****
     No malicious services cleaned.

     ***** [ Folders ] *****
     Deleted C:\Users\Paulo José\AppData\Roaming\IObit\Advanced SystemCare

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

     ***** [ Registry ] *****
     Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A9370CC-B370-4A8E-9FC1-9CEBCA8ECB08}
     Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
     Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries cleaned.

     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs cleaned.

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.

     ***** [ Hosts File Entries ] *****
     No malicious hosts file entries cleaned.

     ***** [ Preinstalled Software ] *****
     Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
     Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
     Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
     Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
     Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8966C9C4-C23D-472A-B078-19C4981B6A14}
     Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8966C9C4-C23D-472A-B078-19C4981B6A14}
     Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
     Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
     Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
     Needs Reboot Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
     Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
     Needs Reboot Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE

     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************

     ***** Reboot Required to Complete *****

     ***** [ Folders ] *****
     Cleaning failed C:\Program Files (x86)\DELL\UPDATESERVICE
     Cleaning failed C:\Program Files\DELL\SAREMEDIATION\PLUGIN
     Cleaning failed C:\Program Files\DELL\SUPPORTASSISTAGENT
     Cleaning failed C:\ProgramData\DELL\UPDATESERVICE

     *************************
     AdwCleaner[S00].txt - [3183 octets] - [20/07/2021 07:18:03]

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

     ZHPCLEANER:

     ~ ZHPCleaner v2021.7.19.312 by Nicolas Coolman (2021/07/19)
     ~ Run by Paulo José (Administrator) (20/07/2021 09:44:50)
     ~ Web: https://www.nicolascoolman.com
     ~ Blog: https://nicolascoolman.eu/
     ~ Facebook : https://www.facebook.com/nicolascoolman1
     ~ State version : Version OK
     ~ Type : Repair
     ~ Report : C:\Users\Paulo José\OneDrive\Área de Trabalho\ZHPCleaner (R).txt
     ~ Quarantine : C:\Users\Paulo José\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
     ~ System Restore Point : OK
     ~ UAC : Activate
     ~ Boot Mode : Normal (Normal boot)
     Windows 10 Home, 64-bit (Build 19041)

     ---\\ Alternate Data Stream (ADS). (0)
     ~ No malicious or unnecessary items found.

     ---\\ Services (0)
     ~ No malicious or unnecessary items found.

     ---\\ Browser internet (0)
     ~ No malicious or unnecessary items found.

     ---\\ Hosts file (1)
     ~ The hosts file is legitimate (21)

     ---\\ Scheduled automatic tasks. (0)
     ~ No malicious or unnecessary items found.

     ---\\ Explorer ( File, Folder) (1)
     MOVED file: C:\Users\Paulo José\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium

     ---\\ Registry ( Key, Value, Data) (4)
     DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{90e838fb-0390-4ea0-95f5-d23e9f5eae24}\\DhcpNameServer [Bad : 181.213.132.2 181.213.132.3] =>Hijacker.Browser
     DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 181.213.132.2 181.213.132.3] =>Hijacker.Browser
     DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net [] =>.SUP.AkamaiHD
     DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pxlgnpgecom-a.akamaihd.net [42] =>.SUP.AkamaiHD

     ---\\ Summary of the elements found (3)
     https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
     https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
     https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD

     ---\\ Other deletions. (9)
     ~ Registry Keys Tracing deleted (9)
     ~ Remove the old reports ZHPCleaner. (0)

     ---\\ Result of repair
     ~ Repair carried out successfully
     ~ Mozilla Firefox OK
     ~ Internet Explorer OK

     ---\\ Statistics
     ~ Items scanned : 1672
     ~ Items found : 0
     ~ Items cancelled : 0
     ~ Space saving (bytes) : 0
     ~ Items options : 9/17

     ---\\ OPTIONS NOT ACTIVES
     ~ Temporary file analysis
     ~ Temporary folder analysis
     ~ Empty Folder CLSID Analysis
     ~ Empty Other Folder Analysis
     ~ Empty LocalLow Folder Analysis
     ~ Empty Local Folder Analysis
     ~ Obsolete Installer File Analysis
     ~ Start browsers with extensions removed

     ~ End of clean in 00h00mn26s

     ---\\ Reports (2)
     ZHPCleaner-[S]-20072021-09_42_44.txt
     ZHPCleaner-[R]-20072021-09_45_16.txt
