horozitta

  • Posts: 2
  1. Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 23:56:51, on 04/12/2018
     Platform: Unknown Windows (WinNT 6.02.1008)
     MSIE: Internet Explorer v11.0 (11.00.17134.0001)
     Boot mode: Normal

     Running processes:
     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
     C:\Users\Andressa\AppData\Local\Discord\app-0.0.301\Discord.exe
     C:\Users\Andressa\AppData\Local\Discord\app-0.0.301\Discord.exe
     C:\Users\Andressa\AppData\Local\Discord\app-0.0.301\Discord.exe
     C:\Users\Andressa\AppData\Local\Discord\app-0.0.301\Discord.exe
     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
     C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
     C:\Users\Andressa\Downloads\HijackThis (1).exe

     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung17win10.msn.com/?PC=SMTE
     R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
     R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
     O1 - Hosts: ::1 localhost
     O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
     O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
     O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
     O4 - HKCU\..\Run: [OneDrive] "C:\Users\Andressa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
     O4 - HKCU\..\Run: [uTorrent] "C:\Users\Andressa\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
     O4 - HKCU\..\Run: [Discord] C:\Users\Andressa\AppData\Local\Discord\app-0.0.301\Discord.exe
     O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
     O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #1] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:8902FDF9-AEB9-4d39-B3D7-D0E2EC54D9DD (User 'SISTEMA')
     O4 - HKUS\S-1-5-18\..\RunOnce: [Application Restart #0] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:F4EC75CB-6063-4aa0-83A4-1C97B85BF5F5 (User 'SISTEMA')
     O4 - HKUS\.DEFAULT\..\RunOnce: [Application Restart #1] C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe /RestartByRestartManager:8902FDF9-AEB9-4d39-B3D7-D0E2EC54D9DD (User 'Default user')
     O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
     O17 - HKLM\System\CCS\Services\Tcpip\..\{c127b507-c526-45c9-b16c-dd7e6ff4f0d7}: NameServer = 82.163.143.146,82.163.142.148
     O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
     O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
     O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
     O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
     O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
     O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
     O23 - Service: AtherosSvc - Unknown owner - C:\Windows\system32\DRIVERS\AdminService.exe (file missing)
     O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fd63a73c8c937d34\IntelCpHeciSvc.exe
     O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fd63a73c8c937d34\IntelCpHDCPSvc.exe
     O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
     O23 - Service: @oem43.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\Windows\System32\Intel\DPTF\esif_uf.exe (file missing)
     O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
     O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fd63a73c8c937d34\igfxCUIService.exe
     O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
     O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
     O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (file missing)
     O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
     O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: MGE0N - Unknown owner - rundll32.exe (file missing)
     O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
     O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
     O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
     O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
     O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: Samsung Settings Expansion Launcher - Unknown owner - C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe
     O23 - Service: Samsung Recovery Service (SamsungRecoveryService) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\Recovery\BulletService.exe
     O23 - Service: SamsungSecurity Launcher - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe
     O23 - Service: Samsung Update Service (SamsungUpdateService) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\SamsungUpdate\\SUService.exe
     O23 - Service: SecPowerCtrlService - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe
     O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
     O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
     O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
     O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
     O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
     O23 - Service: sService Agent Launcher - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\sService\sServiceAgentLauncherSvc.exe
     O23 - Service: sServiceLoopBack - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\sService\sServiceLoopBackSvc.exe
     O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
     O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
     O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
     O23 - Service: wampapache64 - Apache Software Foundation - c:\wamp64\bin\apache\apache2.4.35\bin\httpd.exe
     O23 - Service: wampmariadb64 - Unknown owner - c:\wamp64\bin\mariadb\mariadb10.3.9\bin\mysqld.exe
     O23 - Service: wampmysqld64 - Unknown owner - c:\wamp64\bin\mysql\mysql5.7.23\bin\mysqld.exe
     O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
     O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
     O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
     O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)
     O23 - Service: ZjJmOTVhMWNjOTEzODUx - Unknown owner - C:\Program Files\ZjJmOTVhMWNjOTEzODUx\M2ViOWFl.exe

     --
     End of file - 11606 bytes
  2. Good evening everyone,

     I went to install a program on my computer, but I soon saw that it was fake, and it ended up installing several pieces of malware, adware, PUPs and Trojan horses on my PC (really a lot), including ones that change the system registry, so many that I don't even know how to remove them. I found out about the detection because I use the Panda Security Pro antivirus. I don't know what to do; I'm a bit of a layperson in security, but I understand enough to follow your tips. Please help me.

     Edit 1: my Chrome is full of unwanted ads and pop-ups; I have already reset it and also checked the extensions, and nothing. I also had a look at the installed programs in the Control Panel and already uninstalled what looked abnormal with Revo Uninstaller Pro.

     Link where I downloaded it from: http://www.jyvsoft.com/2018/06/18/voicemod-v1131-x64/