Ir para conteúdo

turca

  • Postagens

    274
  • Desde

  • Última visita

Mídias Sociais

1 Seguidor

Perfil

  • Estado
    Mato Grosso
  • Sexo
    masculino
  • Escolaridade
    2º grau incompleto
  • Área Profissional
    Telecomunicações
  • Nível Profissional
    Autônomo

Últimos Visitantes

4.285 visualizações
  1. turca

    remover virus

    eu sei, mas nesse software so da isso se tem virus o PC, ele mostra na verdade corrompido ou manipulado, pois posso desinstalar todos antivírus fiirewal e reinstalar programa, o sfc nao encontrou nenhum erro tb,
  2. turca

    remover virus

    Obrigado, mas ainda tento abrir alguns programas especificos e mostra corruted, e ja tive isso uma vez era virus, mas obrigado ja ajudou muito, ccleaner ainda nao consegue finalizar limpeza de registro, o que acha do Dr.Web Scanner, se nao me engano foi ele que limpou da ultima vez, posso confiar nele?
  3. turca

    remover virus

    C:\Program Files\IObit\Driver Booster\5.5.1\IObitDownloader.exe a variant of Win32/IObit.L potentially unwanted application cleaned by deleting C:\Program Files\IObit\Driver Booster\5.5.1\Vulnerabilityfix.exe a variant of Win32/IObit.L potentially unwanted application cleaned by deleting C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll a variant of MSIL/WebCompanion.D potentially unwanted application cleaned by deleting (after the next restart) C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe a variant of MSIL/WebCompanion.D potentially unwanted application cleaned by deleting C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe a variant of MSIL/WebCompanion.D potentially unwanted application cleaned by deleting C:\Program Files\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe a variant of MSIL/WebCompanion.C potentially unwanted application cleaned by deleting C:\Users\TURCA\.flashTool\devices\root\iovyroot\iovyroot a variant of Android/Exploit.Lotoor.IB trojan cleaned by deleting C:\Users\TURCA\AppData\Local\Temp\WebCompanion.zip a variant of MSIL/WebCompanion.D potentially unwanted application deleted C:\Users\TURCA\AppData\Local\Temp\is-J5GTS.tmp-dbinst\setup.exe a variant of Win32/IObit.I potentially unwanted application cleaned by deleting D:\BOX\SPT\SPTCARD2048.rar multiple threats deleted D:\PROGRAMAS PC\dfsetup222.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting D:\PROGRAMAS PC\driver_booster_setup.exe a variant of Win32/IObit.I potentially unwanted application cleaned by deleting D:\PROGRAMAS PC\uTorrent.exe a variant of MSIL/WebCompanion.A potentially unwanted application cleaned by deleting D:\PROGRAMAS PC\REPARO REGISTRO\ccsetup546.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting D:\SAMSUNG\SAMKEY\SamKey Setup By Easygsmcrack.com.rar a variant of Win32/Packed.VMProtect.CZ trojan deleted D:\TURCATTO\10-09-18\Download\NsPro v6.8.5 small.exe multiple threats cleaned by deleting
  4. turca

    remover virus

    Segue log, outra coisa, nao consigo fazer limpeza com ccleaner, trava em 17% e ja deixei horas, Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 17/09/2018 Hora da análise: 21:32 Arquivo de registro: c4ffd560-bae2-11e8-8e2b-14dae9bc5ab7.json -Informação do software- Versão: 3.5.1.2522 Versão de componentes: 1.0.441 Versão do pacote de definições: 1.0.6881 Licença: Versão de Avaliação -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x86 Sistema de arquivos: NTFS Usuário: TURCA-PC\TURCA -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 200118 Ameaças detectadas: 0 (Nenhum item malicioso detectado) Ameaças em quarentena: 0 (Nenhum item malicioso detectado) Tempo decorrido: 3 min, 29 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 0 (Nenhum item malicioso detectado) Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end)
  5. turca

    remover virus

    ~ ZHPCleaner v2018.9.14.172 by Nicolas Coolman (2018/09/14) ~ Run by TURCA (Administrator) (17/09/2018 18:12:24) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Scan ~ Report : C:\Users\TURCA\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\TURCA\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (40) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (0) ~ No malicious or unnecessary items found. ---\\ Registry ( Key, Value, Data) (0) ~ No malicious or unnecessary items found. ---\\ Result of repair ~ Any repair made ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 54175 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 0/7 ~ Space saving (bytes) : 0 ~ End of search in 00h09mn30s ---\\ Reports (5) ZHPCleaner-[R]-15092018-13_04_41.txt ZHPCleaner--15092018-13_04_06.txt ZHPCleaner--15092018-13_14_08.txt ZHPCleaner--17092018-11_21_33.txt ZHPCleaner--17092018-18_21_54.txt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:05:35, on 17/09/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19130) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\taskhost.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\DrWeb\spideragent.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\TP-LINK\Common\TWCU.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\DrWeb\frwl_notify.exe C:\Program Files\DrWeb\tips.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\cmd.exe C:\Windows\system32\conhost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trusteer\Rapport\bin\RapportHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SpIDerAgent] "C:\Program Files\DrWeb\spideragent.exe" O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-21-110099370-3803031138-126331215-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-110099370-3803031138-126331215-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files\TP-LINK\Common\TWCU.exe O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files\Internet Download Manager\IEExt.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dr.Web Control Service (DrWebAVService) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwservice.exe O23 - Service: Dr.Web Scanning Engine (DrWebEngine) - Doctor Web, Ltd. - C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe O23 - Service: Dr.Web Firewall Service (DrWebFwSvc) - Doctor Web, Ltd. - C:\Program Files\DrWeb\frwl_svc.exe O23 - Service: Dr.Web Net Filtering Service (DrWebNetFilter) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwnetfilter.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\TP-LINK\Common\RaRegistry.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe -- End of file - 8028 bytes
  6. turca

    remover virus

    Segue log agradeço desde ja Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:16:44, on 17/09/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19130) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\taskhost.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\DrWeb\spideragent.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\TP-LINK\Common\TWCU.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\DrWeb\frwl_notify.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\cmd.exe C:\Windows\system32\conhost.exe C:\Program Files\Trusteer\Rapport\bin\RapportHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe C:\Windows\system32\taskeng.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Program Files\Defraggler\Defraggler.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SpIDerAgent] "C:\Program Files\DrWeb\spideragent.exe" O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-21-110099370-3803031138-126331215-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-110099370-3803031138-126331215-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files\TP-LINK\Common\TWCU.exe O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files\Internet Download Manager\IEExt.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dr.Web Control Service (DrWebAVService) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwservice.exe O23 - Service: Dr.Web Scanning Engine (DrWebEngine) - Doctor Web, Ltd. - C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe O23 - Service: Dr.Web Firewall Service (DrWebFwSvc) - Doctor Web, Ltd. - C:\Program Files\DrWeb\frwl_svc.exe O23 - Service: Dr.Web Net Filtering Service (DrWebNetFilter) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwnetfilter.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\TP-LINK\Common\RaRegistry.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe -- End of file - 7680 bytes
  7. turca

    error 0xc0000005

    infelizmente ao consigo resolver esse problema, lembrando que formatei por cause desse problema meu PC e continua, será hd ou partição d com defeito
  8. turca

    error 0xc0000005

    http://go.microsoft.com/fwlink/?LinkId=54896 consegui abrir o hijackthis quando copio e colo o log do hijackthis aparece esse link ai,
  9. turca

    error 0xc0000005

    analise de log, no instalam quase nada, erro 0xc0000005 em muita coisa, ccleaner não abre, quando tento abrir o HijackThis ele some da tela e não abre, como podem me ajudar
  10. essa pagina tb nao abre, na hora de fazer o download 404. That’s an error. That’s all we know
  11. Algo deu errado A área que você está tentando acessar está atualmente offline. Por favor, tente novamente mais tarde. Código do erro: 2S100/4
  12. C:\AdvanceBox Turbo Flasher\ATFJ.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\Drive32.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\eMMC\Recovered\Drive32.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\Updates\ATFJ.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\Program Files\SPT\SPT.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Root1 Android/Exploit.Lotoor.AK trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Root2 Android/Exploit.Lotoor.AF trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_pwn.pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_su Android/KingRoot.B potentially unsafe application cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_su.su Android/KingRoot.B potentially unsafe application cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_Superuser.apk Android/KingRoot.B potentially unsafe application deleted C:\Program Files\SPT\AdbTools\zergRush Android/Exploit.Lotoor.AV trojan cleaned by deleting C:\Program Files\SPT\AdbTools\ExynosRootFiles\exynos-abuse Android/Exploit.Lotoor.CX trojan cleaned by deleting C:\Program Files\SPT\ExynosRootFiles\exynos-abuse Android/Exploit.Lotoor.CX trojan cleaned by deleting C:\Users\TURCA\.flashTool\devices\root\iovyroot\iovyroot a variant of Android/Exploit.Lotoor.IB trojan cleaned by deleting C:\Users\TURCA\Downloads\RomasterSu_3.2.3_160728T1707_2075_r.apk a variant of Android/Spy.Agent.PI trojan deleted C:\Users\TURCA\Downloads\Update.45.8.15.1.564.zip VBS/Kryptik.JU trojan deleted D:\ANDROID\ROOT\framaroot_1.9.3-framaroota-app-com.apk Android/Exploit.Lotoor.EM trojan deleted D:\ANDROID\ROOT\iRoot_1.8.9.21144_cid1005.exe multiple threats cleaned by deleting D:\ANDROID\ROOT\iRoot_171024.zip multiple threats deleted D:\ANDROID\ROOT\Motochopper_Auto_Root(2).zip Android/Exploit.Lotoor.EP trojan deleted D:\ANDROID\ROOT\RootGenius_en_3_1_7pc.zip a variant of Win32/RootGenius.B potentially unsafe application deleted D:\ANDROID\ROOT\vroot-download.zip multiple threats deleted D:\ANDROID\ROOT\Motochopper_Auto_Root\pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting D:\ANDROID\ROOT\RootGenius_en_3.1.7\RootGenius_en_3.1.7.exe a variant of Win32/RootGenius.B potentially unsafe application cleaned by deleting D:\BOX\ASAMSAN\AHT_v2.9.5.rar a variant of Generik.EXTOBZP trojan deleted D:\BOX\ASAMSAN\HFT_v1.0.4.rar a variant of Generik.GXFXZVL trojan deleted D:\BOX\AVATOR\AvatorPro_Ver_2.0.rar multiple threats deleted D:\BOX\SPT\SPTCARD2048.exe multiple threats cleaned by deleting D:\BOX\SPT\SPTCARD2048.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v2.8.3_Volcano Yellowstone.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\dPhone.dll a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\VolcanoTool.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\VolcanoUtility.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\FlashTool.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\HTCCALC.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\XESevice.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin2\FlashTool.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin3\MtkAndroid.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin4\android_mtk.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin5\CDMA.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin6\FlashTool.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin7\bebe.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin8\SamsungModule.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\rootfiles\Superuser.apk Android/Spy.Agent.BK trojan deleted D:\PROGRAMAS PC\sd5_setup.exe a variant of Win32/FusionCore.Y.gen potentially unwanted application cleaned by deleting D:\PROGRAMAS PC\REPARO REGISTRO\ccsetup544.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting D:\SONY\flashtool-0.9.18.6-Windows.exe a variant of Android/Exploit.Lotoor.EW trojan cleaned by deleting PC parece ter melhorado, ainda travando e umm pouco lento no crhomme, mas melhorou um pouco sim
  13. Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 10/07/18 Hora da análise: 09:21 Arquivo de registro: 28210c3e-8444-11e8-9061-00269e0596dc.json Administrador: Sim -Informação do software- Versão: 3.5.1.2522 Versão de componentes: 1.0.374 Versão do pacote de definições: 1.0.5851 Licença: Gratuita -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x86 Sistema de arquivos: NTFS Usuário: NOTE\TURCA -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 186026 Ameaças detectadas: 2 Ameaças em quarentena: 0 (Nenhum item malicioso detectado) Tempo decorrido: 5 min, 7 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 2 PUP.Optional.AuslogicsDiskDefrag, C:\USERS\TURCA\DESKTOP\Auslogics Disk Defrag.lnk, Nenhuma ação do usuário, [3619], [537156],1.0.5851 PUP.Optional.AuslogicsDiskDefrag, C:\PROGRAM FILES\AUSLOGICS\DISK DEFRAG\DISKDEFRAG.EXE, Nenhuma ação do usuário, [3619], [537156],1.0.5851 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:36:54, on 10/07/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19036) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe C:\Program Files\Diebold\Warsaw\core.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\CCleaner\CCleaner.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE D:\MOTOROLA\FLASH\XT1672\CEDRIC_NPPS25.137-93-2-3_cid50_subsidy-DEFAULT_regulatory-DEFAULT_CFC.xml\adb.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe -- End of file - 4930 bytes
  14. ~ ZHPCleaner v2018.7.10.148 by Nicolas Coolman (2018/07/10) ~ Run by TURCA (Administrator) (10/07/2018 08:38:45) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\TURCA\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\TURCA\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (40) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (0) ~ No malicious or unnecessary items found. ---\\ Registry ( Key, Value, Data) (1) DELETED key*: HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec ---\\ Summary of the elements found (1) https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Camec ---\\ Other deletions. (9) ~ Registry Keys Tracing deleted (9) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 579 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 0/7 ~ Space saving (bytes) : 0 ~ End of clean in 00h00mn11s ---\\ Reports (2) ZHPCleaner--10072018-08_29_57.txt ZHPCleaner-[R]-10072018-08_38_56.txt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 08:40:18, on 10/07/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19036) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe C:\Program Files\Diebold\Warsaw\core.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\CCleaner\CCleaner.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Auslogics\Disk Defrag\DiskDefrag.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Windows\system32\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe -- End of file - 6593 bytes
  15. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:05:09, on 09/07/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19036) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe C:\Program Files\Diebold\Warsaw\core.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\cmd.exe C:\Windows\system32\conhost.exe C:\Program Files\Trusteer\Rapport\bin\RapportHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe -- End of file - 6475 bytes
×