PH Cyber Highlander Registered
61.6K Posts 10.7K Likes
#3 By PH
07/03/2020 - 06:10
simeida said:

Good morning,

Welcome to the forum!

For a deeper analysis, generate a log and post it here for analysis, and make this log before running any programs, since they can interfere with the log.

Generate the log and post it here; after that you can run the programs.

To generate the log, follow the procedures in the link below.

Virus problems? Learn how to create a topic for analysis.
But whoever denies me before men, I will also deny before my Father who is in heaven.

Matthew 10:33
andremachado Highlander Registered
3.3K Posts 2K Likes
#4 By andremachado
07/03/2020 - 06:34
Which version of your operating system? In principle, Program Manager was the "start menu" of Windows 3.x, a system released in 1992! It still exists in current versions, but only for compatibility reasons.
56 6F 63 EA 20 E9 20 6D 75 69 74 6F 20 63 75 72 69 6F 73 6F 2E 2E 2E
----------------------------------------
Acer Aspire E5-471-30DG (Home)
Samsung Book 550XDA-K07 (Work)
simeida New Member Registered
4 Posts 1 Like
#5 By simeida
08/03/2020 - 10:47
andremachado said:

The version is Windows 10.

Komm said:

Komm said:

~ ZHPCleaner v2020.3.6.183 by Nicolas Coolman (2020/03/06)
~ Run by Silvio (Administrator) (08/03/2020 11:07:45)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\Silvio\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Silvio\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10586)

---\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

---\ Services (0)
~ No malicious or unnecessary items found. (Service)

---\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

---\ Hosts file (1)
~ The hosts file is legitimate (21)

---\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)

---\ Explorer ( File, Folder) (3)
MOVED file: C:\Users\Silvio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk [Bad : C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe](.AB Team.) =>.SUP.ABTeam
MOVED file: C:\Users\Silvio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [Bad : C:\Users\Silvio\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..) =>BitTorrent (P2P)
MOVED folder: C:\Program Files (x86)\Webteh =>.SUP.ABTeam

---\ Registry ( Key, Value, Data) (3)
DELETED key*: HKCU\Software\undefined [AdditionalScan 148] =>.SUP.Downloader
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.] =>BitTorrent (P2P)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Webteh [] =>.SUP.ABTeam

---\ Summary of the elements found (3)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.ABTeam
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/12/22/sup-downloader/ =>.SUP.Downloader

---\ Other deletions. (2)
~ Registry Keys Tracing deleted (2)
~ Remove the old reports ZHPCleaner. (0)

---\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Internet Explorer OK

---\ Statistics
~ Items scanned : 957
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/16

---\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis

~ End of clean in 00h00mn20s

---\ Reports (2)
ZHPCleaner-[S]-08032020-11_01_50.txt
ZHPCleaner-[R]-08032020-11_08_05.txt


# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-08-2020
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1542 octets] - [08/03/2020 10:48:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


https://www.cjoint.com/c/JCioCYuJN2q

https://www.cjoint.com/c/JCioH5A1umq

I ran the scan with the recommended programs: AdwCleaner and ZHPCleaner.
I sent the removal reports. And I sent the Farbar Recovery Scan Tool logs.
Komm Cyber Highlander Registered
12.8K Posts 2.7K Likes
#6 By Komm
09/03/2020 - 22:24
As far as malware is concerned, the FRST logs looked clean to me. I found no reference to "program manager" or "Ddce server" in them.
I doubt that the few pieces of malware removed by ZHPCleaner and AdwCleaner would cause the side effect described in this topic.

I saw that you have Kaspersky Internet Security installed. It's an excellent protection suite.
Your computer's memory was 33% used at the time the FRST logs were made. Plenty of room to spare.

Let's move on to one more antimalware tool. Use Malwarebytes.
https://br.malwarebytes.com/mwb-download/

I'm allowing for the possibility that the problem may not be caused by malware, so I suggest you check the system files.
- Open a cmd in administrator mode
sfc.exe /scannow

Send us the results of the Malwarebytes scan and of sfc.

Regards.
What's really cool is the dog's face when the bicycle stops!