alexandreSaladrigas

Junior Members
  • Total items: 13
  1. Zemana AntiMalware 2.74.2.150 (instalado) ------------------------------------------------------- Scan Result : Concluído Scan Date : 2018/10/29 Operating System : Windows 10 64-bit Processor : 2X Intel(R) Pentium(R) CPU G620 @ 2.60GHz BIOS Mode : UEFI CUID : 12A1AAF7B9F26F39F40C7F Scan Type : Análise do Sistema Duration : 15m 50s Scanned Objects : 132372 Detected Objects : 5 Excluded Objects : 0 Read Level : SCSI Auto Upload : Activado Detect All Extensions : Desactivado Scan Documents : Desactivado Domain Info : WORKGROUP,0,2 Detected Objects ------------------------------------------------------- Fake Chrome Shortcut Status : Analisados Object : %appdata%\microsoft\windows\start menu\programs\chromium.lnk MD5 : 3F4DE8FC8AE828DB8D45BBC7A2D0DE26 Publisher : - Size : 2319 Version : - Detection : Configuração do navegador suspeito Cleaning Action : Reparar Related Objects : Configuração do navegador - Fake Chrome Shortcut Arquivo - %appdata%\microsoft\windows\start menu\programs\chromium.lnk Fake Chrome Shortcut Status : Analisados Object : %appdata%\microsoft\internet explorer\quick launch\chromium.lnk MD5 : 3CFC444B15C5D96B64C14D0AEC0A6203 Publisher : - Size : 2313 Version : - Detection : Configuração do navegador suspeito Cleaning Action : Reparar Related Objects : Configuração do navegador - Fake Chrome Shortcut Arquivo - %appdata%\microsoft\internet explorer\quick launch\chromium.lnk Fake Chrome Shortcut Status : Analisados Object : %userprofile%\desktop\chromium.lnk MD5 : 4DB1053C098F714B637821B52CB164FA Publisher : - Size : 2311 Version : - Detection : Configuração do navegador suspeito Cleaning Action : Reparar Related Objects : Configuração do navegador - Fake Chrome Shortcut Arquivo - %userprofile%\desktop\chromium.lnk Chrome Homepage Status : Analisados Object : file:///C:/Users/Ale/Downloads MD5 : - Publisher : - Size : - Version : - Detection : Configuração do navegador suspeito Cleaning Action : Reparar Related Objects : Configuração do navegador 
- Chrome Homepage setupautoscreenrecorderfree_3.1.115.exe Status : Analisados Object : %userprofile%\downloads\setupautoscreenrecorderfree_3.1.115.exe MD5 : 68C55BE20EE1CA0C9473DC430DB7B6E8 Publisher : - Size : 4898854 Version : 3.1.0.0 Detection : Adware:Win32/Tamaca!Late Cleaning Action : Quarentena Related Objects : Arquivo - %userprofile%\downloads\setupautoscreenrecorderfree_3.1.115.exe Cleaning Result ------------------------------------------------------- Cleaned : 5 Reported as safe : 0 Failed : 0
  2. RogueKiller V12.13.5.0 (x64) [Oct 15 2018] (Free) por Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Site : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Sistema Operacional : Windows 10 (10.0.17134) 64 bits version Iniciou : Modo normal Usuário : Hp [Administrador] Started from : C:\Users\Hp\Desktop\RogueKillerX64.exe Modo : Deletar -- Data : 10/25/2018 14:59:17 (Duration : 01:10:07) ¤¤¤ Processos : 0 ¤¤¤ ¤¤¤ Registro : 0 ¤¤¤ ¤¤¤ Tarefas : 0 ¤¤¤ ¤¤¤ Arquivos : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Arquivos de hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤ ¤¤¤ Navegadores : 2 ¤¤¤ [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [file:///C:/Users/Ale/Downloads] -> Deletado [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.uol.com.br/] -> Deletado ¤¤¤ Verificação da MBR : ¤¤¤ +++++ PhysicalDrive0: ST1000DM010-2EP102 +++++ --- User --- [MBR] 72d802927eba00916c896a4d2a5b29a4 [BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 499 MB 1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1024000 | Size: 99 MB 2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1226752 | Size: 16 MB 3 - Basic data partition | Offset (sectors): 1259520 | Size: 953254 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Multiple Card Reader USB Device +++++ Error reading User MBR! ([15] O dispositivo não está pronto. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] Não há suporte para o pedido. )
  3. RogueKiller V12.13.5.0 (x64) [Oct 15 2018] (Free) por Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Site : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Sistema Operacional : Windows 10 (10.0.17134) 64 bits version Iniciou : Modo normal Usuário : Hp [Administrador] Started from : C:\Users\Hp\Desktop\RogueKillerX64.exe Modo : Escanear -- Data : 10/21/2018 12:56:57 (Duration : 00:51:45) ¤¤¤ Processos : 0 ¤¤¤ ¤¤¤ Registro : 0 ¤¤¤ ¤¤¤ Tarefas : 2 ¤¤¤ [PUP.HackTool] \AutoPico Daily Restart -- "C:\Program Files (x86)\KMSpico\AutoPico.exe" (/silent) -> Encontrado [Suspicious.Path] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-K029A.tmp\corefixer.exe (/norerun) -> Encontrado ¤¤¤ Arquivos : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Arquivos de hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤ ¤¤¤ Navegadores : 2 ¤¤¤ [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [file:///C:/Users/Ale/Downloads] -> Encontrado [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.uol.com.br/] -> Encontrado ¤¤¤ Verificação da MBR : ¤¤¤ +++++ PhysicalDrive0: ST1000DM010-2EP102 +++++ --- User --- [MBR] 72d802927eba00916c896a4d2a5b29a4 [BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 499 MB 1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1024000 | Size: 99 MB 2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1226752 | Size: 16 MB 3 - Basic data partition | Offset (sectors): 1259520 | Size: 953254 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Multiple Card Reader USB Device +++++ Error reading User MBR! ([15] O dispositivo não está pronto. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] Não há suporte para o pedido. )
  4. Here it is: Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 18/10/2018 Hora da análise: 14:53 Arquivo de registro: a711fdf6-d2fe-11e8-aa7e-e840f282d37c.json -Informação do software- Versão: 3.6.1.2711 Versão de componentes: 1.0.463 Versão do pacote de definições: 1.0.7419 Licença: Versão de Avaliação -Informação do sistema- Sistema operacional: Windows 10 (Build 17134.345) CPU: x64 Sistema de arquivos: NTFS Usuário: DESKTOP-T07FIGA\Hp -Resumo da análise- Tipo de análise: Análise Customizada Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 562950 Ameaças detectadas: 15 Ameaças em quarentena: 15 Tempo decorrido: 5 hr, 58 min, 26 seg -Opções da análise- Memória: Desabilitado Inicialização: Desabilitado Sistema de arquivos: Habilitado Arquivos compactados: Desabilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 6 Adware.FileTour.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DE274147-588D-4F83-3875-38738366856D}, Excluir ao reiniciar, [418], [-1],0.0.0 Adware.FileTour.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3EED96E-BF39-4022-AEE5-04C62623CB69}, Excluir ao reiniciar, [418], [-1],0.0.0 Adware.FileTour.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3EED96E-BF39-4022-AEE5-04C62623CB69}, Excluir ao reiniciar, [418], [-1],0.0.0 Adware.FileTour.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E8BB3E86-EA2F-670C-5A84-1CF3534013C8}, Excluir ao reiniciar, [418], [-1],0.0.0 Adware.FileTour.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B46FF35C-C9E3-48BC-82D6-56680257C056}, Excluir ao reiniciar, [418], 
[-1],0.0.0 Adware.FileTour.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B46FF35C-C9E3-48BC-82D6-56680257C056}, Excluir ao reiniciar, [418], [-1],0.0.0 Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 9 Generic.Malware/Suspicious, C:\USERS\HP\APPDATA\ROAMING\ZHP\QUARANTINE\ZHPCLEANER\SECOH-QAD.EXE, Excluir ao reiniciar, [0], [392686],1.0.7419 Generic.Malware/Suspicious, C:\USERS\HP\DESKTOP\ZOEK.EXE, Excluir ao reiniciar, [0], [392686],1.0.7419 Generic.Malware/Suspicious, C:\USERS\HP\DESKTOP\ZA-SCAN.EXE, Excluir ao reiniciar, [0], [392686],1.0.7419 Generic.Malware/Suspicious, C:\USERS\HP\DOWNLOADS\AT O2016 BY BAIXAR SEGURO\AT O2016.EXE, Excluir ao reiniciar, [0], [392686],1.0.7419 PUP.Optional.InstallCore.Generic, C:\USERS\HP\DOWNLOADS\BAIXAKI_FOOBAR2000_3396465533.EXE, Excluir ao reiniciar, [6159], [512143],1.0.7419 PUP.Optional.InstallCore.Generic, C:\USERS\HP\DOWNLOADS\BAIXAKI_VIRTUAL-ROUTER_2673894905.EXE, Excluir ao reiniciar, [6159], [512143],1.0.7419 PUP.Optional.InstallCore.Generic, C:\USERS\HP\DOWNLOADS\BAIXAKI_VIRTUAL-ROUTER_1394614321.EXE, Excluir ao reiniciar, [6159], [512143],1.0.7419 PUP.Optional.InstallCore.Generic, C:\USERS\HP\DOWNLOADS\BAIXAKI_FOXIT-READER_1539656752.EXE, Excluir ao reiniciar, [6159], [512143],1.0.7419 Adware.FileTour.BatBitRst, C:\WINDOWS\{F3C70089-653A-40EE-A681-9499F3097E6A}\26888\NARET.RU, Excluir ao reiniciar, [418], [569223],1.0.7419 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) Malwarebytes AdwCleaner 7.2.4.0 # ------------------------------- # Build: 09-25-2018 # Database: 2018-10-12.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 
10-18-2018 # Duration: 00:00:14 # OS: Windows 10 Home # Cleaned: 0 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** Not Deleted Ask Brasil ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1242 octets] - [20/05/2018 11:21:25] AdwCleaner[S01].txt - [1320 octets] - [18/10/2018 20:58:40] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## ZHPCleaner v2018.10.14.184 by Nicolas Coolman (2018/10/14) ~ Run by Hp (Administrator) (18/10/2018 21:25:28) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version KO ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\Hp\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Hp\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 17134) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. 
---\\ Explorer ( File, Folder) (3) MOVED folder: C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei =>Hijacker.Browser MOVED folder: C:\Program Files (x86)\KMSpico =>HackTool.KMSpico MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico ---\\ Registry ( Key, Value, Data) (3) DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E5454B0F210C91DC4A1A940FBE3362BC ["C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5] =>PUP.Optional.MyBrowser DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GoogleChromeAutoLaunch_E5454B0F210C91DC4A1A940FBE3362BC [0x020000000000000000000000] =>Heuristic.Suspect DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\GoogleChromeAutoLaunch_127FD455CDB6EBA53E6722281DCEE8B9 [0x03000000E84814856AE8D301] =>Heuristic.Suspect ---\\ Summary of the elements found (4) https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect ---\\ Other deletions. (9) ~ Registry Keys Tracing deleted (7) ~ Remove the old reports ZHPCleaner. (2) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ---\\ Statistics ~ Items scanned : 556 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 0/7 ~ Space saving (bytes) : 0 ~ End of clean in 00h00mn22s ---\\ Reports (2) ZHPCleaner--18102018-21_23_10.txt ZHPCleaner-[R]-18102018-21_25_50.txt
  5. Elias, I can't get Malwarebytes to run; it opens already not responding. I disabled Avira to see if that was the problem, but it made no difference... What should I do then? I can't run AdwCleaner either... I checked in Task Manager and both it and Malwarebytes show a status of suspended...
  6. Good morning, I would like your help. Avira sent some infected files to quarantine and I would like to delete them; can you help me? Also, Chrome keeps opening pages saying that McAfee has expired, even though I don't even have that antivirus. Please help me. Thanks. ZA-Scan.txt
  7. I went through the process and the computer is restarting and shutting down normally. It seems everything is OK, thank you.
  8. RogueKiller V12.12.17.0 (x64) [May 14 2018] (Free) por Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Site : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Sistema Operacional : Windows 10 (10.0.16299) 64 bits version Iniciou : Modo normal Usuário : Hp [Administrador] Started from : C:\Users\Hp\Desktop\RogueKiller_portable64.exe Modo : Deletar -- Data : 05/16/2018 13:17:59 (Duration : 00:42:33) ¤¤¤ Processos : 0 ¤¤¤ ¤¤¤ Registro : 0 ¤¤¤ ¤¤¤ Tarefas : 2 ¤¤¤ [Suspicious.Path] %WINDIR%\Tasks\{54830FB6-E8CA-D155-BC3A-6164234C1F29}.job -- C:\Users\Hp\AppData\Roaming\Cilobogo\PRODUC~1.EXE (/Check) -> Deletado [PUP.HackTool] \AutoPico Daily Restart -- "C:\Program Files\KMSpico\AutoPico.exe" (/silent) -> Deletado ¤¤¤ Arquivos : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Arquivos de hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤ ¤¤¤ Navegadores : 2 ¤¤¤ [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [file:///C:/Users/Ale/Downloads] -> Deletado [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.uol.com.br/] -> Deletado ¤¤¤ Verificação da MBR : ¤¤¤ +++++ PhysicalDrive0: ST1000DM010-2EP102 +++++ --- User --- [MBR] 72d802927eba00916c896a4d2a5b29a4 [BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 499 MB 1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1024000 | Size: 99 MB 2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1226752 | Size: 16 MB 3 - Basic data partition | Offset (sectors): 1259520 | Size: 953254 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Multiple Card Reader USB Device +++++ Error reading User MBR! ([15] O dispositivo não está pronto. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] Não há suporte para o pedido. )
  9. RogueKiller V12.12.17.0 (x64) [May 14 2018] (Free) por Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Site : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Sistema Operacional : Windows 10 (10.0.16299) 64 bits version Iniciou : Modo normal Usuário : Hp [Administrador] Started from : C:\Users\Hp\Desktop\RogueKiller_portable64.exe Modo : Escanear -- Data : 05/15/2018 23:10:33 (Duration : 00:34:21) ¤¤¤ Processos : 0 ¤¤¤ ¤¤¤ Registro : 0 ¤¤¤ ¤¤¤ Tarefas : 2 ¤¤¤ [Suspicious.Path] %WINDIR%\Tasks\{54830FB6-E8CA-D155-BC3A-6164234C1F29}.job -- C:\Users\Hp\AppData\Roaming\Cilobogo\PRODUC~1.EXE (/Check) -> Encontrado [PUP.HackTool] \AutoPico Daily Restart -- "C:\Program Files\KMSpico\AutoPico.exe" (/silent) -> Encontrado ¤¤¤ Arquivos : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Arquivos de hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤ ¤¤¤ Navegadores : 2 ¤¤¤ [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [file:///C:/Users/Ale/Downloads] -> Encontrado [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.uol.com.br/] -> Encontrado ¤¤¤ Verificação da MBR : ¤¤¤ +++++ PhysicalDrive0: ST1000DM010-2EP102 +++++ --- User --- [MBR] 72d802927eba00916c896a4d2a5b29a4 [BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 499 MB 1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1024000 | Size: 99 MB 2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1226752 | Size: 16 MB 3 - Basic data partition | Offset (sectors): 1259520 | Size: 953254 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Multiple Card Reader USB Device +++++ Error reading User MBR! ([15] O dispositivo não está pronto. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] Não há suporte para o pedido. )
  10. Step 1 completed. Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 14/05/18 Hora da análise: 11:54 Arquivo de registro: b1facc82-5786-11e8-bba6-e840f282d37c.json Administrador: Sim -Informação do software- Versão: 3.5.1.2522 Versão de componentes: 1.0.365 Versão do pacote de definições: 1.0.5102 Licença: Versão de Avaliação -Informação do sistema- Sistema operacional: Windows 10 (Build 16299.431) CPU: x64 Sistema de arquivos: NTFS Usuário: DESKTOP-T07FIGA\Hp -Resumo da análise- Tipo de análise: Análise Customizada Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 838008 Ameaças detectadas: 7 Ameaças em quarentena: 7 Tempo decorrido: 7 hr, 46 min, 42 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 1 PUP.Optional.SpyHunter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SpyHunter, Quarentena, [5254], [433139],1.0.5102 Valor de registro: 1 PUP.Optional.NotChromeRun, HKU\S-1-5-21-915331956-3911727046-2968233687-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GOOGLECHROMEAUTOLAUNCH_127FD455CDB6EBA53E6722281DCEE8B9, Quarentena, [6990], [241243],1.0.5102 Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 5 PUP.Optional.SpyHunter, C:\PROGRAM FILES\ENIGMA SOFTWARE GROUP\SPYHUNTER\SPYHUNTER4.EXE, Quarentena, [5254], [433122],1.0.5102 PUP.Optional.SpyHunter, C:\PROGRAMDATA\ENIGMA SOFTWARE GROUP\SH_INSTALLER.EXE, Quarentena, [5254], [433139],1.0.5102 PUP.Optional.InstallCore.Generic, C:\USERS\HP\DOWNLOADS\BAIXAKI_CCLEANER_2788398250.EXE, Quarentena, [6223], [512143],1.0.5102 PUP.Optional.InstallCore.Generic, 
C:\USERS\HP\DOWNLOADS\BAIXAKI_CCLEANER_0316925300.EXE, Quarentena, [6223], [512143],1.0.5102 PUP.Optional.SpyHunter, C:\USERS\HP\DOWNLOADS\SPYHUNTER-INSTALLER.EXE, Quarentena, [5254], [433139],1.0.5102 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) added 11 minutes later # ------------------------------- # Malwarebytes AdwCleaner 7.1.1.0 # ------------------------------- # Build: 04-27-2018 # Database: 2018-05-14.1 # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-14-2018 # Duration: 00:00:05 # OS: Windows 10 Home # Cleaned: 20 # Failed: 0 ***** [ Services ] ***** Deleted SpyHunter 4 Service ***** [ Folders ] ***** Deleted C:\Program Files\ByteFence Deleted C:\Users\Hp\Start Menu\Programs\SpyHunter Deleted C:\sh4ldr Deleted C:\ProgramData\Enigma Software Group Deleted C:\Program Files\Enigma Software Group ***** [ Files ] ***** Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Facebook.lnk Deleted C:\Users\Hp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Facebook.lnk Deleted C:\Users\Public\Desktop\Facebook.lnk Deleted C:\Users\Hp\Desktop\SpyHunter.lnk Deleted C:\Windows\System32\drivers\EsgScanner.sys ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. 
***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\SpyHunter4Startup ***** [ Registry ] ***** Deleted HKLM\Software\Wow6432Node\ByteFence Deleted HKLM\Software\ByteFence Deleted HKCU\Software\PRODUCTSETUP Deleted HKLM\Software\EnigmaSoftwareGroup Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAD0942A-B85D-41DD-A938-D08BF7B236B0} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** Deleted Softonic ES ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## added 30 minutes later Step 3 ~ ZHPCleaner v2018.5.14.108 by Nicolas Coolman (2018/05/14) ~ Run by Hp (Administrator) (14/05/2018 20:21:59) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version KO ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\Hp\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Hp\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 16299) ---\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. (ADS) ---\ Services (0) ---\ Browser internet (0) ~ No malicious or unnecessary items found. (Browser) ---\ Hosts file (1) ~ The hosts file is legitimate (21) ---\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. 
(Task) ---\ Explorer ( File, Folder) (6) MOVED file: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-F2D6CB2F.pf =>HackTool.KMSpico MOVED file: C:\Windows\SECOH-QAD.dll =>HackTool.KMSpico MOVED file: C:\Windows\SECOH-QAD.exe =>HackTool.KMSpico MOVED folder: C:\Users\Hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei =>Hijacker.Browser MOVED folder: C:\Program Files\KMSpico =>HackTool.KMSpico MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico ---\ Registry ( Key, Value, Data) (4) DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI [C:\Program Files\KMSpico\Service_KMS.exe (Not File)] =>HackTool.KMSpico DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\BITCOMET_HELPER_SERVICE [] =>.SUP.Elex DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico] =>HackTool.KMSpico DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E5454B0F210C91DC4A1A940FBE3362BC ['C:\Program Files (x86)\Google\Chrome\Application\chrome.exe' --no-startup-window /prefetch:5] =>PUP.Optional.MyBrowser ---\ Summary of the elements found (4) https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.SUP.Elex https://nicolascoolman.eu/2017/11/01/adware-mybrowser/ =>PUP.Optional.MyBrowser ---\ Other deletions. (7) ~ Registry Keys Tracing deleted (7) ~ Remove the old reports ZHPCleaner. (0) ---\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ---\ Statistics ~ Items scanned : 493 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 0/7 ~ Space saving (bytes) : 0 ~ End of clean in 00h00mn14s ---\ Reports (2) ZHPCleaner--14052018-20_20_05.txt ZHPCleaner-[R]-14052018-20_22_13.txt
  11. I managed to download it and the page is back to normal, but when I ran ZA-Scan several errors occurred, including in safe mode: "O aplicativo não pode ser inicializado corretamente (0xc0000142). Clique em OK para fechar o aplicativo." This error came up with the files cdm.exe and findstr.exe.
  12. Good morning, I'm having a problem with Win 10. Malwarebytes detected the malware adware.elex.shrtcln and I sent it to Avast's quarantine. Yesterday I decided to switch antivirus from Avast to Avira, as I wasn't happy with Avast. I don't know whether it is related, but since I uninstalled the antivirus, when I restart or shut down the PC I can only do it by forcing it, the so-called "dedoff": the screen stays on "shutting down" or "restarting" indefinitely and never progresses. Could you please check whether there is still a virus, or help me fix this problem? I went to the ZA Scan download page but it is offline... error 404 - Not Found. Thanks, I'll be waiting.

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
