Ir para conteúdo
  • Publicidade

turca

  • Postagens

    265
  • Desde

  • Última visita

Mídias Sociais

1 Seguidor

Perfil

  • Estado
    Mato Grosso
  • Sexo
    masculino
  • Escolaridade
    2º grau incompleto
  • Área Profissional
    Telecomunicações
  • Nível Profissional
    Autônomo

Últimos Visitantes

4.241 visualizações
  1. essa pagina tb nao abre, na hora de fazer o download 404. That’s an error. That’s all we know
  2. Algo deu errado A área que você está tentando acessar está atualmente offline. Por favor, tente novamente mais tarde. Código do erro: 2S100/4
  3. C:\AdvanceBox Turbo Flasher\ATFJ.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\Drive32.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\eMMC\Recovered\Drive32.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\AdvanceBox Turbo Flasher\Updates\ATFJ.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting C:\Program Files\SPT\SPT.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Root1 Android/Exploit.Lotoor.AK trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Root2 Android/Exploit.Lotoor.AF trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_pwn.pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_su Android/KingRoot.B potentially unsafe application cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_su.su Android/KingRoot.B potentially unsafe application cleaned by deleting C:\Program Files\SPT\AdbTools\Spt_I950x_Superuser.apk Android/KingRoot.B potentially unsafe application deleted C:\Program Files\SPT\AdbTools\zergRush Android/Exploit.Lotoor.AV trojan cleaned by deleting C:\Program Files\SPT\AdbTools\ExynosRootFiles\exynos-abuse Android/Exploit.Lotoor.CX trojan cleaned by deleting C:\Program Files\SPT\ExynosRootFiles\exynos-abuse Android/Exploit.Lotoor.CX trojan cleaned by deleting C:\Users\TURCA\.flashTool\devices\root\iovyroot\iovyroot a variant of Android/Exploit.Lotoor.IB trojan cleaned by deleting C:\Users\TURCA\Downloads\RomasterSu_3.2.3_160728T1707_2075_r.apk a variant of Android/Spy.Agent.PI trojan deleted C:\Users\TURCA\Downloads\Update.45.8.15.1.564.zip VBS/Kryptik.JU trojan deleted D:\ANDROID\ROOT\framaroot_1.9.3-framaroota-app-com.apk Android/Exploit.Lotoor.EM trojan deleted D:\ANDROID\ROOT\iRoot_1.8.9.21144_cid1005.exe multiple threats cleaned by deleting D:\ANDROID\ROOT\iRoot_171024.zip multiple threats deleted D:\ANDROID\ROOT\Motochopper_Auto_Root(2).zip Android/Exploit.Lotoor.EP trojan deleted D:\ANDROID\ROOT\RootGenius_en_3_1_7pc.zip a variant of Win32/RootGenius.B potentially unsafe application deleted D:\ANDROID\ROOT\vroot-download.zip multiple threats deleted D:\ANDROID\ROOT\Motochopper_Auto_Root\pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting D:\ANDROID\ROOT\RootGenius_en_3.1.7\RootGenius_en_3.1.7.exe a variant of Win32/RootGenius.B potentially unsafe application cleaned by deleting D:\BOX\ASAMSAN\AHT_v2.9.5.rar a variant of Generik.EXTOBZP trojan deleted D:\BOX\ASAMSAN\HFT_v1.0.4.rar a variant of Generik.GXFXZVL trojan deleted D:\BOX\AVATOR\AvatorPro_Ver_2.0.rar multiple threats deleted D:\BOX\SPT\SPTCARD2048.exe multiple threats cleaned by deleting D:\BOX\SPT\SPTCARD2048.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v2.8.3_Volcano Yellowstone.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module.rar multiple threats deleted D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\dPhone.dll a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\VolcanoTool.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\VolcanoUtility.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\FlashTool.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\HTCCALC.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin\XESevice.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin2\FlashTool.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin3\MtkAndroid.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin4\android_mtk.exe a variant of Win32/Packed.Themida.AAN trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin5\CDMA.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin6\FlashTool.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin7\bebe.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\bin8\SamsungModule.exe a variant of Win32/Packed.VMProtect.ABO trojan cleaned by deleting D:\BOX\VOLCANO\VolcanoUtility_v3.1.0_Volcano Module\rootfiles\Superuser.apk Android/Spy.Agent.BK trojan deleted D:\PROGRAMAS PC\sd5_setup.exe a variant of Win32/FusionCore.Y.gen potentially unwanted application cleaned by deleting D:\PROGRAMAS PC\REPARO REGISTRO\ccsetup544.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting D:\SONY\flashtool-0.9.18.6-Windows.exe a variant of Android/Exploit.Lotoor.EW trojan cleaned by deleting PC parece ter melhorado, ainda travando e umm pouco lento no crhomme, mas melhorou um pouco sim
  4. Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 10/07/18 Hora da análise: 09:21 Arquivo de registro: 28210c3e-8444-11e8-9061-00269e0596dc.json Administrador: Sim -Informação do software- Versão: 3.5.1.2522 Versão de componentes: 1.0.374 Versão do pacote de definições: 1.0.5851 Licença: Gratuita -Informação do sistema- Sistema operacional: Windows 7 Service Pack 1 CPU: x86 Sistema de arquivos: NTFS Usuário: NOTE\TURCA -Resumo da análise- Tipo de análise: Análise de Ameaças Análise Iniciada Por: Manual Resultado: Concluído Objetos verificados: 186026 Ameaças detectadas: 2 Ameaças em quarentena: 0 (Nenhum item malicioso detectado) Tempo decorrido: 5 min, 7 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Detectar PUM: Detectar -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 0 (Nenhum item malicioso detectado) Arquivo: 2 PUP.Optional.AuslogicsDiskDefrag, C:\USERS\TURCA\DESKTOP\Auslogics Disk Defrag.lnk, Nenhuma ação do usuário, [3619], [537156],1.0.5851 PUP.Optional.AuslogicsDiskDefrag, C:\PROGRAM FILES\AUSLOGICS\DISK DEFRAG\DISKDEFRAG.EXE, Nenhuma ação do usuário, [3619], [537156],1.0.5851 Setor físico: 0 (Nenhum item malicioso detectado) Instrumentação do Windows (WMI): 0 (Nenhum item malicioso detectado) (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:36:54, on 10/07/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19036) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe C:\Program Files\Diebold\Warsaw\core.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\CCleaner\CCleaner.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE D:\MOTOROLA\FLASH\XT1672\CEDRIC_NPPS25.137-93-2-3_cid50_subsidy-DEFAULT_regulatory-DEFAULT_CFC.xml\adb.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe -- End of file - 4930 bytes
  5. ~ ZHPCleaner v2018.7.10.148 by Nicolas Coolman (2018/07/10) ~ Run by TURCA (Administrator) (10/07/2018 08:38:45) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Repair ~ Report : C:\Users\TURCA\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\TURCA\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Deactivate ~ Boot Mode : Normal (Normal boot) Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (40) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (0) ~ No malicious or unnecessary items found. ---\\ Registry ( Key, Value, Data) (1) DELETED key*: HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>PUP.Optional.Camec ---\\ Summary of the elements found (1) https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Camec ---\\ Other deletions. (9) ~ Registry Keys Tracing deleted (9) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Browser not found (Mozilla Firefox) ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 579 ~ Items found : 0 ~ Items cancelled : 0 ~ Items options : 0/7 ~ Space saving (bytes) : 0 ~ End of clean in 00h00mn11s ---\\ Reports (2) ZHPCleaner--10072018-08_29_57.txt ZHPCleaner-[R]-10072018-08_38_56.txt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 08:40:18, on 10/07/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19036) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe C:\Program Files\Diebold\Warsaw\core.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\CCleaner\CCleaner.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Auslogics\Disk Defrag\DiskDefrag.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Windows\system32\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe -- End of file - 6593 bytes
  6. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:05:09, on 09/07/2018 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.19036) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe C:\Program Files\Diebold\Warsaw\core.exe C:\Program Files\Trusteer\Rapport\bin\RapportService.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\ProgramData\MEGAsync\MEGAsync.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\cmd.exe C:\Windows\system32\conhost.exe C:\Program Files\Trusteer\Rapport\bin\RapportHelper.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\CCleaner\CCleaner.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\TURCA\Desktop\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.* R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKCU\..\Run: [SH_AutoBackup] C:\SHARMAQ\SHOficina\SHRecovery.exe /BACKUP O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe O23 - Service: PST Service - Motorola - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe -- End of file - 6475 bytes
  • Publicidade

×