Ir para conteúdo

turca

  • Postagens

    277
  • Desde

  • Última visita

Mídias Sociais

1 Seguidor

Perfil

  • Estado
    Mato Grosso
  • Sexo
    masculino
  • Escolaridade
    2º grau incompleto
  • Área Profissional
    Telecomunicações
  • Nível Profissional
    Autônomo

Últimos Visitantes

4.330 visualizações
  1. turca

    PC nao abre programa

    Tenho um programa no PC que nao abre, diz assim: File damaged oor manipulated! Ja desinstalei reinstalei de tudo Já falei com o suporte do software, diz que é virus, uma vez deu isso com os software daqui mesmo resolvi, ja tentei alguns programas, mas sem solução, em modo de segurança o software abre Suporte tamebem falou que pode ser hardwarde ou Windows, alguém pode ajudar, hd tem 4 meses de uso, Windows foi reinstalado a menso de 1 mes
  2. turca

    Analise de virus

    Verdade, mas ate formatei o PC, mas obrigado
  3. turca

    Analise de virus

    Tenho um programa no PC que nao abre, diz assim: File damaged oor manipulated! Ja desinstalei reinstalei de tudo Já falei com o suporte do softwar diz que é virus, umavez deu isso com os software daqui mesmo resolvi, ja tentei alguns programas, mas sem solução, em modo de segurança o software abre Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 01:13:03, on 06/10/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19130) Boot mode: Normal Running processes: C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe C:\Windows\system32\svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\System32\svchost.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe C:\Windows\system32\svchost.exe C:\Windows\system32\viakaraokesrv.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\sppsvc.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Windows\system32\mmc.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskhost.exe C:\Program Files\IObit\Driver Booster\6.0.2\ScanDisp.exe C:\Users\TURCA\Desktop\OTL.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe C:\Users\TURCA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\Tweaking.com - Windows Repair\Repair_Windows.exe C:\Users\TURCA\Desktop\Tweaking.com - Windows Repair\WR_Tray_Icon.exe C:\Windows\system32\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\system32\sfc.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\explorer.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Windows\system32\wbem\wmiprvse.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-21-1017730129-4113547076-1562775105-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1017730129-4113547076-1562775105-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files\Internet Download Manager\IEExt.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe -- End of file - 7645 bytes
  4. turca

    remover virus

    eu sei, mas nesse software so da isso se tem virus o PC, ele mostra na verdade corrompido ou manipulado, pois posso desinstalar todos antivírus fiirewal e reinstalar programa, o sfc nao encontrou nenhum erro tb,
  5. turca

    remover virus

    Obrigado, mas ainda tento abrir alguns programas especificos e mostra corruted, e ja tive isso uma vez era virus, mas obrigado ja ajudou muito, ccleaner ainda nao consegue finalizar limpeza de registro, o que acha do Dr.Web Scanner, se nao me engano foi ele que limpou da ultima vez, posso confiar nele?
  6. turca

    remover virus

    C:\Program Files\IObit\Driver Booster\5.5.1\IObitDownloader.exe a variant of Win32/IObit.L potentially unwanted application cleaned by deleting C:\Program Files\IObit\Driver Booster\5.5.1\Vulnerabilityfix.exe a variant of Win32/IObit.L potentially unwanted application cleaned by deleting C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll a variant of MSIL/WebCompanion.D potentially unwanted application cleaned by deleting (after the next restart) C:\Program Files\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe a variant of MSIL/WebCompanion.D potentially unwanted application cleaned by deleting C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe a variant of MSIL/WebCompanion.D potentially unwanted application cleaned by deleting C:\Program Files\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe a variant of MSIL/WebCompanion.C potentially unwanted application cleaned by deleting C:\Users\TURCA\.flashTool\devices\root\iovyroot\iovyroot a variant of Android/Exploit.Lotoor.IB trojan cleaned by deleting C:\Users\TURCA\AppData\Local\Temp\WebCompanion.zip a variant of MSIL/WebCompanion.D potentially unwanted application deleted C:\Users\TURCA\AppData\Local\Temp\is-J5GTS.tmp-dbinst\setup.exe a variant of Win32/IObit.I potentially unwanted application cleaned by deleting D:\BOX\SPT\SPTCARD2048.rar multiple threats deleted D:\PROGRAMAS PC\dfsetup222.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting D:\PROGRAMAS PC\driver_booster_setup.exe a variant of Win32/IObit.I potentially unwanted application cleaned by deleting D:\PROGRAMAS PC\uTorrent.exe a variant of MSIL/WebCompanion.A potentially unwanted application cleaned by deleting D:\PROGRAMAS PC\REPARO REGISTRO\ccsetup546.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting D:\SAMSUNG\SAMKEY\SamKey Setup By Easygsmcrack.com.rar a variant of Win32/Packed.VMProtect.CZ trojan deleted D:\TURCATTO\10-09-18\Download\NsPro v6.8.5 small.exe multiple threats cleaned by deleting
  7. turca

    remover virus

    Segue log, outra coisa, nao consigo fazer limpeza com ccleaner, trava em 17% e ja deixei horas, Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 17/09/2018 Hora da análise: 21:32 Arquivo de registro: c4ffd560-bae2-11e8-8e2b-14dae9bc5ab7.json -Informação do software- Versão: 3.5.1.2522 Versão de componentes: 1.0.441 Versão do pacote de definições: 1.0.6881 Licença: Versão de Avaliação -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x86 Sistema de arquivos: NTFS Usuário: TURCA-PC\TURCA -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 200118 Ameaças detectadas: 0 (Nenhum item malicioso detectado) Ameaças em quarentena: 0 (Nenhum item malicioso detectado) Tempo decorrido: 3 min, 29 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 0 (Nenhum item malicioso detectado) Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end)
  8. turca

    remover virus

    ~ ZHPCleaner v2018.9.14.172 by Nicolas Coolman (2018/09/14) ~ Run by TURCA (Administrator) (17/09/2018 18:12:24) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Scan ~ Report : C:\Users\TURCA\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\TURCA\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (40) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (0) ~ No malicious or unnecessary items found. ---\\ Registry ( Key, Value, Data) (0) ~ No malicious or unnecessary items found. ---\\ Result of repair ~ Any repair made ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 54175 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 0/7 ~ Space saving (bytes) : 0 ~ End of search in 00h09mn30s ---\\ Reports (5) ZHPCleaner-[R]-15092018-13_04_41.txt ZHPCleaner--15092018-13_04_06.txt ZHPCleaner--15092018-13_14_08.txt ZHPCleaner--17092018-11_21_33.txt ZHPCleaner--17092018-18_21_54.txt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:05:35, on 17/09/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19130) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\taskhost.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\DrWeb\spideragent.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\TP-LINK\Common\TWCU.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\DrWeb\frwl_notify.exe C:\Program Files\DrWeb\tips.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\cmd.exe C:\Windows\system32\conhost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trusteer\Rapport\bin\RapportHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SpIDerAgent] "C:\Program Files\DrWeb\spideragent.exe" O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-21-110099370-3803031138-126331215-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-110099370-3803031138-126331215-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files\TP-LINK\Common\TWCU.exe O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files\Internet Download Manager\IEExt.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dr.Web Control Service (DrWebAVService) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwservice.exe O23 - Service: Dr.Web Scanning Engine (DrWebEngine) - Doctor Web, Ltd. - C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe O23 - Service: Dr.Web Firewall Service (DrWebFwSvc) - Doctor Web, Ltd. - C:\Program Files\DrWeb\frwl_svc.exe O23 - Service: Dr.Web Net Filtering Service (DrWebNetFilter) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwnetfilter.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\TP-LINK\Common\RaRegistry.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe -- End of file - 8028 bytes
  9. turca

    remover virus

    Segue log agradeço desde ja Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:16:44, on 17/09/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19130) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\taskhost.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\DrWeb\spideragent.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Internet Download Manager\IDMan.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\TP-LINK\Common\TWCU.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Internet Download Manager\IEMonitor.exe C:\Program Files\DrWeb\frwl_notify.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\cmd.exe C:\Windows\system32\conhost.exe C:\Program Files\Trusteer\Rapport\bin\RapportHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe C:\Windows\system32\taskeng.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Program Files\Defraggler\Defraggler.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SpIDerAgent] "C:\Program Files\DrWeb\spideragent.exe" O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE') O4 - HKUS\S-1-5-21-110099370-3803031138-126331215-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-110099370-3803031138-126331215-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O4 - Global Startup: TP-LINK Wireless Utility.lnk = C:\Program Files\TP-LINK\Common\TWCU.exe O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files\Internet Download Manager\IEExt.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe O23 - Service: Avast antivírus (avast! antivírus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dr.Web Control Service (DrWebAVService) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwservice.exe O23 - Service: Dr.Web Scanning Engine (DrWebEngine) - Doctor Web, Ltd. - C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe O23 - Service: Dr.Web Firewall Service (DrWebFwSvc) - Doctor Web, Ltd. - C:\Program Files\DrWeb\frwl_svc.exe O23 - Service: Dr.Web Net Filtering Service (DrWebNetFilter) - Doctor Web, Ltd. - C:\Program Files\DrWeb\dwnetfilter.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\TP-LINK\Common\RaRegistry.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe -- End of file - 7680 bytes
  10. turca

    error 0xc0000005

    infelizmente ao consigo resolver esse problema, lembrando que formatei por cause desse problema meu PC e continua, será hd ou partição d com defeito
  11. turca

    error 0xc0000005

    http://go.microsoft.com/fwlink/?LinkId=54896 consegui abrir o hijackthis quando copio e colo o log do hijackthis aparece esse link ai,
  12. turca

    error 0xc0000005

    analise de log, no instalam quase nada, erro 0xc0000005 em muita coisa, ccleaner não abre, quando tento abrir o HijackThis ele some da tela e não abre, como podem me ajudar
  13. essa pagina tb nao abre, na hora de fazer o download 404. That’s an error. That’s all we know
  14. Algo deu errado A área que você está tentando acessar está atualmente offline. Por favor, tente novamente mais tarde. Código do erro: 2S100/4
  15. C:\AdvanceBox Turbo Flasher\ATFJ.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\Drive32.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\eMMC\Recovered\Drive32.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\Updates\ATFJ.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\Program Files\SPT\SPT.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Root1 Android/Exploit.Lotoor.AK trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Root2 Android/Exploit.Lotoor.AF trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_pwn.pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_su Android/KingRoot.B potentially unsafe application cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_su.su Android/KingRoot.B potentially unsafe application cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_Superuser.apk Android/KingRoot.B potentially unsafe application deleted C:\Program Files\SPT\AdbTools\zergRush Android/Exploit.Lotoor.AV trojan cleaned by deleting C:\Program Files\SPT\AdbTools\ExynosRootFiles\exynos-abuse Android/Exploit.Lotoor.CX trojan cleaned by deleting C:\Program Files\SPT\ExynosRootFiles\exynos-abuse Android/Exploit.Lotoor.CX trojan cleaned by deleting C:\Users\TURCA\.flashTool\devices\root\iovyroot\iovyroot a variant of Android/Exploit.Lotoor.IB trojan cleaned by deleting C:\Users\TURCA\Downloads\RomasterSu_3.2.3_160728T1707_2075_r.apk a variant of Android/Spy.Agent.PI trojan deleted C:\Users\TURCA\Downloads\Update.45.8.15.1.564.zip VBS/Kryptik.JU trojan deleted D:\ANDROID\ROOT\framaroot_1.9.3-framaroota-app-com.apk Android/Exploit.Lotoor.EM trojan deleted D:\ANDROID\ROOT\iRoot_1.8.9.21144_cid1005.exe multiple threats cleaned by deleting D:\ANDROID\ROOT\iRoot_171024.zip multiple threats deleted D:\ANDROID\ROOT\Motochopper_Auto_Root(2).zip Android/Exploit.Lotoor.EP trojan deleted D:\ANDROID\ROOT\RootGenius_en_3_1_7pc.zip a variant of Win32/RootGenius.B potentially unsafe application deleted D:\ANDROID\ROOT\vroot-download.zip multiple threats deleted D:\ANDROID\ROOT\Motochopper_Auto_Root\pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting D:\ANDROID\ROOT\RootGenius_en_3.1.7\RootGenius_en_3.1.7.exe a variant of Win32/RootGenius.B potentially unsafe application cleaned by deleting D:\BOX\ASAMSAN\AHT_v2.9.5.rar a variant of Generik.EXTOBZP trojan deleted D:\BOX\ASAMSAN\HFT_v1.0.4.rar a variant of Generik.GXFXZVL trojan deleted D:\BOX\AVATOR\AvatorPro_Ver_2.0.rar multiple threats deleted D:\BOX\SPT\SPTCARD2048.exe multiple threats cleaned by deleting D:\BOX\SPT\SPTCARD2048.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v2.8.3_Volcano Yellowstone.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\dPhone.dll a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\VolcanoTool.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\VolcanoUtility.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\FlashTool.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\HTCCALC.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\XESevice.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin2\FlashTool.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin3\MtkAndroid.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin4\android_mtk.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin5\CDMA.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin6\FlashTool.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin7\bebe.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin8\SamsungModule.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\rootfiles\Superuser.apk Android/Spy.Agent.BK trojan deleted D:\PROGRAMAS PC\sd5_setup.exe a variant of Win32/FusionCore.Y.gen potentially unwanted application cleaned by deleting D:\PROGRAMAS PC\REPARO REGISTRO\ccsetup544.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting D:\SONY\flashtool-0.9.18.6-Windows.exe a variant of Android/Exploit.Lotoor.EW trojan cleaned by deleting PC parece ter melhorado, ainda travando e umm pouco lento no crhomme, mas melhorou um pouco sim
×