
Showing results for tags 'trojan'.




5 posts found

  1. Sandro00001000

    Virus removal, among other things

    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:12:49, on 12/01/2019
  2. Philipe Afonso

    About the MEM:Trojan.Win32.SEPEH.gen virus

    Good afternoon, everyone! Yesterday I installed Kaspersky Free (I'm glad to say that today I purchased Kaspersky Total Security! Keep an eye out for promotions and discount coupons; that's how I got 50% off with a coupon) and discovered that my laptop was infected with the trojan "MEM:Trojan.Win32.SEPEH.gen". The previous antivirus, AVG Free, was not able to identify the trojan. See the solution at: From the information I gathered in a brief search, everything indicates that this virus is quite recent. Information about it follows below: Removal was only complete with the use of ESET Online Scanner. But other tools were also used, as shown in the solution topic.
  3. Philipe Afonso

    Removal of the MEM:TROJAN.WIN32.SPEH.GEN virus

    Good morning, My Dell 7000 Gaming notebook arrived last week and I had installed AVG Antivirus Free, following a tip in a Baboo video on YouTube. In addition, I installed Malwarebytes, and until then everything went well: only a few PUPs that MWB found, and the rest were game crack files that I had the antivirus delete. The problem arose last night when I decided to remove AVG (I ran a scan beforehand and it showed my notebook was clean) and install Kaspersky Free. Right away a trojan showed up in the computer's memory with the following description: MEM:Trojan.WIN32.SPEH.gen. I searched the internet and, from what I could tell, the virus is quite recent, which worried me even more. However, I still suspect that Kaspersky's threat indication may be a false positive. Please, I would like your help removing this virus! I'll add that Windows Defender, during the ESET scan, neutralized a threat "Trojan:Win32/Occany.c" coming from a pirated game folder that I had deleted. After five Kaspersky scans pointing to the trojan in memory, the computer was restarted three times, and on the other two I chose to disinfect without restarting. After the restarts the trojan reappeared.
    Kaspersky scan history (00:51 to 3:15):

    Logs and reports in order of execution. Kaspersky Free report (and yes, after this I deleted my pirated games, about five of them, and found the decency to buy them. I'm not ashamed to admit that. Let this be a lesson to everyone: don't download pirated software!):

    20.09.2018 02.25.26 Detected object (system memory) not processed System Memory System memory: System Memory Object name: MEM:Trojan.Win32.SEPEH.gen Object type: Trojan program Time: 9/20/2018 2:25 AM
    20.09.2018 01.12.42 Detected object (file) deleted D:\Downloads\Jogos\Portal.2.RePack\Portal-2.exe File: D:\Downloads\Jogos\Portal.2.RePack\Portal-2.exe Object name: UDS:Trojan.Win32.Comei.sb Object type: Trojan program Time: 9/20/2018 1:12 AM

    AdwCleaner log:

    Malwarebytes log (with the rootkit option enabled):

    ZHPCleaner log:

    ESET Smart Installer log (scan performed with antivirus and anti-malware turned off):
  4. andrelsf

    Log Analysis Request

    I have already completed all the procedures requested in the Official Topic. My problem is that whenever the PC starts, the Svchost process starts up using more than 50% of the processor's resources and the video card runs at full power, even when I haven't opened any game or application. Here is my log for review:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:30:38, on 25/08/2018
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.17134.0001)
    Boot mode: Normal
    Running processes:
    C:\Windows\SysWOW64\svchost.exe
    C:\Windows\SysWOW64\svchost.exe
    C:\Program Files (x86)\IObit\Driver Booster\5.5.1\Pub\PubMonitor.exe
    C:\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=619797&PC=UE01&ocid=UE01DHP
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000000" /M "L355 Series"
    O4 - HKCU\..\Run: [Discord] C:\Users\Eudes Pereira\AppData\Local\Discord\app-0.0.301\Discord.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\RunOnce: [Uninstall 18.131.0701.0007\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eudes Pereira\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall 18.131.0701.0007] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eudes Pereira\AppData\Local\Microsoft\OneDrive\18.131.0701.0007"
    O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O17 - HKLM\System\CCS\Services\Tcpip\..\{413eaeca-9f54-4950-bc55-b51e41cd0065}: NameServer = 181.213.132.2,181.213.132.3
    O17 - HKLM\System\CS1\Services\Tcpip\..\{413eaeca-9f54-4950-bc55-b51e41cd0065}: NameServer = 181.213.132.2,181.213.132.3
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O20 - AppInit_DLLs: prio32.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\System32\DriverStore\FileRepository\c0331834.inf_amd64_598c38be6d6a3fce\B331820\atiesrxx.exe
    O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Prio Service (prio_svc) - Unknown owner - C:\Program Files\Prio\prio_svc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)
    -- End of file - 8247 bytes
  5. Karioba

    Malwarebytes

    I have Advanced System Care installed. I installed Malwarebytes and it uninstalled Advanced, saying that Advanced is a threat. What can I do, or is there a trustworthy anti-malware I can install? Thanks, Karioba