Sustagen

Everything posted by Sustagen

  1. Hello Aura! Thanks for taking the time to answer me. The txt that you asked for (some pieces of it are in Brazilian Portuguese, if that's an issue just let me know and I'll install the FRST in English):

     Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 24.10.2018
     Executado por W1nd0w5-10 (04-11-2018 15:37:40) Run:3
     Executando a partir de C:\Users\W1nd0w5-10\Downloads
     Perfis Carregados: W1nd0w5-10 (Perfis Disponíveis: W1nd0w5-10)
     Modo da Inicialização: Normal
     ==============================================

     fixlist Conteúdo:
     *****************
     CloseProcesses:
     CreateRestorePoint:
     ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Nenhum Arquivo
     Task: {12F32881-F431-4303-AECA-EB65529F4A9B} - System32\Tasks\jGwbavU => C:\WINDOWS\zZinCwClPd.bat
     Task: {1AF676CD-9E35-4EB6-A06E-CED007129418} - System32\Tasks\ADGIuYa => C:\Users\W1nd0w5-10\LMnEYYneVae.exe [2017-09-29] (Microsoft Corporation)
     Task: {8711FF49-90EB-416B-AE69-9772C1829561} - System32\Tasks\wiuLcv => C:\Users\W1nd0w5-10\AppData\Local\CEToId.bat [2017-09-29] ()
     Task: {CA174373-5D04-418A-9827-1C4A3477D0A7} - \Microsoft\Windows\UNP\RunCampaignManager -> Nenhum Arquivo <==== ATENÇÃO
     FirewallRules: [{F51ECEFC-2D95-4245-AD62-0DEECEBE6E49}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
     FirewallRules: [{F2051AE3-29A0-416F-B08F-1577567CF444}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
     FirewallRules: [{02B4412B-6D19-4BE8-B14D-059C27D954F2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe
     C:\Program Files (x86)\jyeAYU
     C:\Program Files (x86)\jyeAYU.bat
     C:\Users\W1nd0w5-10\ntuser.pol
     C:\Users\W1nd0w5-10\LMnEYYneVae.exe
     C:\Users\W1nd0w5-10\AppData\Local\CEToId
     C:\Users\W1nd0w5-10\AppData\Local\CEToId.bat
     EmptyTemp:
     *****************

     Processos fechados com sucesso.
     Erro: (0) Falha ao criar um ponto de restauração.
     HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removido (a) com sucesso.
     HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => não encontrado (a)
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12F32881-F431-4303-AECA-EB65529F4A9B}" => removido (a) com sucesso.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12F32881-F431-4303-AECA-EB65529F4A9B}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\jGwbavU => movido com sucesso
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jGwbavU" => removido (a) com sucesso.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AF676CD-9E35-4EB6-A06E-CED007129418}" => removido (a) com sucesso.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AF676CD-9E35-4EB6-A06E-CED007129418}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\ADGIuYa => movido com sucesso
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ADGIuYa" => removido (a) com sucesso.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8711FF49-90EB-416B-AE69-9772C1829561}" => removido (a) com sucesso.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8711FF49-90EB-416B-AE69-9772C1829561}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\wiuLcv => movido com sucesso
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wiuLcv" => removido (a) com sucesso.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA174373-5D04-418A-9827-1C4A3477D0A7}" => removido (a) com sucesso.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA174373-5D04-418A-9827-1C4A3477D0A7}" => removido (a) com sucesso.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => não encontrado (a)
     "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F51ECEFC-2D95-4245-AD62-0DEECEBE6E49}" => removido (a) com sucesso.
     "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F2051AE3-29A0-416F-B08F-1577567CF444}" => removido (a) com sucesso.
     "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02B4412B-6D19-4BE8-B14D-059C27D954F2}" => removido (a) com sucesso.
     C:\Program Files (x86)\jyeAYU => movido com sucesso
     C:\Program Files (x86)\jyeAYU.bat => movido com sucesso
     C:\Users\W1nd0w5-10\ntuser.pol => movido com sucesso
     C:\Users\W1nd0w5-10\LMnEYYneVae.exe => movido com sucesso
     C:\Users\W1nd0w5-10\AppData\Local\CEToId => movido com sucesso
     C:\Users\W1nd0w5-10\AppData\Local\CEToId.bat => movido com sucesso

     =========== EmptyTemp: ==========

     BITS transfer queue => 11296768 B
     DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12817309 B
     Java, Flash, Steam htmlcache => 92553565 B
     Windows/system/drivers => 3605438 B
     Edge => 0 B
     Chrome => 254219986 B
     Firefox => 0 B
     Opera => 0 B

     Temp, IE cache, history, cookies, recent:
     Default => 0 B
     Users => 0 B
     ProgramData => 0 B
     Public => 0 B
     systemprofile => 0 B
     systemprofile32 => 0 B
     LocalService => 0 B
     LocalService => 0 B
     NetworkService => 2452 B
     NetworkService => 0 B
     W1nd0w5-10 => 16574714 B

     RecycleBin => 0 B
     EmptyTemp: => 373 MB de dados temporários Removidos.

     ================================

     O sistema precisou ser reiniciado.

     ==== Fim de Fixlog 15:37:50 ====
  2. Hello, I've contracted a virus from an unknown source. I tried to use several different anti-virus tools and removed what seemed to be most of the malware issues, although the command prompt keeps popping up and trying to download what I assume are new viruses. None of the scans that I ran seemed to be able to identify the issue, but I've seen some similar threads being resolved (although probably it's not the exact same issue, as I tried to use some of the fixlogs from other threads and the issue keeps happening). Could someone give me a hand? Thanks for the attention.

     FRST.txt Addition.txt Malwarebytes Threat Scan log.txt