TatianaBio21 Posted June 28, 2022 ID:1522437 Share Posted June 28, 2022 Hello! I need a little help ! MB found something on Windows system file. 😬 Should I worry ? Addition.txt FRST.txt Link to post Share on other sites More sharing options...
1PW Posted June 28, 2022 ID:1522439 Share Posted June 28, 2022 (edited) Hello @TatianaBio21 and welcome back: 1.) While you are waiting for the next qualified/approved malware removal expert helper to weigh in on your topic, please carefully follow the instructions within the following: View Reports and History in Malwarebytes for Windows 2.) Although some expert helpers are multilingual, only some may read/understand Brazilian Portuguese. If English is not the Windows 10 Pro system language, please right click on FRST64.exe and rename to FRST64English.exe. Then, run FRST64English.exe and attach its files with the above detection report. Remember, please be certain to attach (not Copy and Paste) the above produced three (3) files in your next reply to this topic. Thank you. Edited June 28, 2022 by 1PW Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted June 28, 2022 Root Admin ID:1522446 Share Posted June 28, 2022 Let me have you run a different scanner to double-check. I don't expect it to find anything, but no harm in checking. I would suggest a free scan with the ESET Online Scanner Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes When prompted for scan type, Click on Full scan Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on the Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You should ignore all prompts to get the ESET antivirus software program. ( e.g. their standard program). You do not need to buy or get or install anything else. When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”. Click The blue “Save scan log” to save the log. If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” ( in blue, at the bottom). Press Continue when all done. You should click to off the offer for “periodic scanning”. Note: If you do need to do a File Restore from ESET please follow the directions below [KB2915] Restore files quarantined by the ESET Online Scanner version 3 https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner Deixe-me executar um scanner diferente para verificar novamente. Eu não espero que ele encontre nada, mas não há mal nenhum em verificar. Sugiro uma verificação gratuita com o ESET Online Scanner Acesse https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe Ele iniciará um download de "esetonlinescanner.exe" Salve o arquivo em seu sistema, como na pasta Downloads, ou então na área de trabalho. Vá para o arquivo salvo e clique duas vezes nele para iniciá-lo. Quando apresentado as opções iniciais da ESET, clique em "Computer Scan". Em seguida, quando solicitado pelo Windows, permita que ele inicie clicando em Sim Quando solicitado para o tipo de verificação, clique em Verificação completa Olhe e marque (selecione) a seleção de rádio "Ativar a ESET para detectar e colocar em quarentena aplicativos potencialmente indesejados" e clique no botão Iniciar verificação. Tenha paciência. Todo o processo pode levar uma hora ou mais. Há um download de atualização inicial. Há uma exibição da janela de progresso. Você deve ignorar todos os prompts para obter o programa de software antivírus ESET. (por exemplo, seu programa padrão). Você não precisa comprar ou obter ou instalar mais nada. Quando a verificação for concluída, se algo for encontrado, será exibida uma tela com o número de itens detectados. Em caso afirmativo, clique no botão marcado “Exibir resultados detectados”. Clique no azul “Salvar registro de verificação” para salvar o registro. Se algo foi removido e você sabe que é uma descoberta falsa, você pode clicar no azul ”Restaurar arquivos limpos” (em azul, na parte inferior). Pressione Continuar quando tudo estiver pronto. Você deve clicar para desativar a oferta de “varredura periódica”. Nota: Se você precisar fazer uma restauração de arquivo da ESET, siga as instruções abaixo [KB2915] Restaurar arquivos em quarentena pelo ESET Online Scanner versão 3 https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner Link to post Share on other sites More sharing options...
TatianaBio21 Posted June 30, 2022 Author ID:1522770 Share Posted June 30, 2022 Im sorry about the language issue. Here I am with all the files requested 😉 Addition.txt esetscanlog.txt FRST.txt History.txt Report.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted June 30, 2022 Root Admin ID:1522856 Share Posted June 30, 2022 You should be able to use either Google Translator or Microsoft Translator Você deve ser capaz de usar o Google Tradutor ou o Microsoft Translator https://translate.google.com/ https://www.bing.com/translator O arquivo: clrhost.dll Foi um Falso Positivo. Atualize o Malwarebytes e ele não deve mais ser detectado. The file: clrhost.dll Was a False Positive. Update Malwarebytes and it should no longer be detected. CHR Notifications: Default -> hxxps://darkside.blog.br; hxxps://meet.google.com; hxxps://noticiasconcursos.com.br; hxxps://web.mobills.com.br; hxxps://www.darksidebooks.com.br; hxxps://www.instagram.com Are you sure you want this enabled or allowed? Push Notifications on your browser appear to be enabled. Tem certeza de que deseja isso ativado ou permitido? As notificações push no seu navegador parecem estar ativadas. https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/ Turn notifications on or off - Google Chrome Web Push notifications in Firefox Link to post Share on other sites More sharing options...
TatianaBio21 Posted July 3, 2022 Author ID:1523177 Share Posted July 3, 2022 Thanks for the tips about the browser. 😉 And also thanks for the help about de file. I restored the file from quarantine, did another scan and everthing went back to normal. 🙂 1 Link to post Share on other sites More sharing options...
Root Admin Solution AdvancedSetup Posted July 3, 2022 Root Admin Solution ID:1523184 Share Posted July 3, 2022 You're quite welcome Let's go ahead and do some clean-up work and remove the tools and logs we've run. Please download KpRm by kernel-panik and save it to your desktop. right-click kprm_(version).exe and select Run as Administrator. Read and accept the disclaimer. When the tool opens, ensure all boxes under Actions are checked. Under Delete Quarantines select Delete Now, then click Run. Once complete, click OK. A log will open in Notepad titled kprm-(date).txt. Please attach that file to your next reply. (not compulsory) Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.https://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/ Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/ Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2 Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security Malwarebytes Browser Guard Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ uBlock Origin Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/ Hopefully, we've been able to assist you with correcting your system issues. Thank you for using Malwarebytes Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted July 8, 2022 Root Admin ID:1523933 Share Posted July 8, 2022 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following to help you better protect your computer and privacy Tips to help protect from infection Thank you Link to post Share on other sites More sharing options...
Recommended Posts