Ir ao conteúdo
  • Cadastre-se

theilor thauan

Membros Juniores
  • Total de itens

    3
  • Registro em

  • Última visita

  • Qualificações

    N/D
  1. ele acabou acusando esses dois arquivos que são de programas que eu uso, porém, lembrando agora, eu uso o bluestacks então provavelmente esses serviços encontrados no primeiro post sejam dele certo?
  2. @Turco pronto esta com o scan. Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version) Tool run by theilor on 14/01/2020 at 21:41:32,27. Microsoft Windows 10 Pro 10.0.18363 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\theilor\AppData\Local\Temp\Temp1_zoek.zip\ZA-Scan.exe [Z-Analyse Scan] ==== Running Processes ====================== C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe C:\Program Files (x86)\Pingzapper\PZService.exe C:\Users\theilor\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\theilor\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\FileCoAuth.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Users\theilor\AppData\Local\Temp\ZAScan.exe ==== Services(whitelist) ====================== Powered by E Dev R2 - [NVDisplay.ContainerLocalSystem] - NVIDIA Display Container LS - c:\windows\system32\driverstore\filerepository\nv_dispi.inf_amd64_a3efb8aa9e9e249a\display.nvcontainer\nvdisplay.container.exe R2 - [PingzapperSvc] - Pingzapper Service - c:\program files (x86)\pingzapper\pzservice.exe R2 - [SgrmBroker] - System Guard Runtime Monitor Broker - c:\windows\system32\sgrmbroker.exe R2 - [TeamViewer] - TeamViewer 15 - c:\program files (x86)\teamviewer\teamviewer_service.exe R2 - [WinDefend] - Serviço Windows Defender Antivirus - c:\programdata\microsoft\windows defender\platform\4.18.1911.3-0\msmpeng.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R3 - [SecurityHealthService] - Serviço de Segurança do Windows - c:\windows\system32\securityhealthservice.exe S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [diagnosticshub.standardcollector.service] - Serviço Coletor de Padrões de Hub de Diagnóstico da Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe S3 - [EasyAntiCheat] - EasyAntiCheat - c:\program files (x86)\easyanticheat\easyanticheat.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [GoogleChromeElevationService] - Google Chrome Elevation Service - c:\program files (x86)\google\chrome\application\79.0.3945.117\elevation_service.exe S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [NvContainerLocalSystem] - NVIDIA LocalSystem Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe S3 - [NvContainerNetworkService] - NVIDIA NetworkService Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe S3 - [perceptionsimulation] - Serviço de Simulação de Percepção do Windows - c:\windows\system32\perceptionsimulation\perceptionsimulationservice.exe S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe S3 - [Rockstar Service] - Rockstar Game Library Service - c:\program files\rockstar games\launcher\rockstarservice.exe S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe S3 - [Sense] - Serviço Proteção Avançada contra Ameaças do Windows Defender - c:\program files\windows defender advanced threat protection\mssense.exe S3 - [SensorDataService] - Serviço de Dados de Sensor - c:\windows\system32\sensordataservice.exe S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe S3 - [spectrum] - Serviço de Percepção do Windows - c:\windows\system32\spectrum.exe S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe S3 - [TieringEngineService] - Gerenciamento de Camadas de Armazenamento - c:\windows\system32\tieringengineservice.exe S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe S3 - [WdNisSvc] - Serviço de Inspeção de Rede do Windows Defender Antivirus - c:\programdata\microsoft\windows defender\platform\4.18.1911.3-0\nissrv.exe S3 - [wmiApSrv] - Adaptador de Desempenho WMI - c:\windows\system32\wbem\wmiapsrv.exe S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe S4 - [AppVClient] - Microsoft App-V Client - c:\windows\system32\appvclient.exe S4 - [ssh-agent] - OpenSSH Authentication Agent - c:\windows\system32\openssh\ssh-agent.exe S4 - [UevAgentService] - Serviço de User Experience Virtualization - c:\windows\system32\agentservice.exe ==== Drivers(whitelist) ====================== Powered by E Dev R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys R0 - [WdFilter] - Driver de Minifiltro do Windows Defender Antivirus - C:\Windows\system32\Drivers\WdFilter.sys R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\Windows\system32\Drivers\srv2.sys R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys R0 - [disk] - Driver de disco - C:\Windows\system32\Drivers\disk.sys R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\Windows\system32\Drivers\fvevol.sys R0 - [intelpep] - Driver Intel(R) Power Engine Plug-in - C:\Windows\system32\Drivers\intelpep.sys R0 - [iorate] - Driver do Filtro de Taxa de E/S de Disco - C:\Windows\system32\Drivers\iorate.sys R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\Windows\system32\Drivers\mountmgr.sys R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys R0 - [MsSecFlt] - Minifiltro do Componente de Eventos de Segurança da Microsoft - C:\Windows\system32\Drivers\MsSecFlt.sys R0 - [NDIS] - Driver do Sistema NDIS - C:\Windows\system32\Drivers\NDIS.sys R0 - [partmgr] - Driver de partição - C:\Windows\system32\Drivers\partmgr.sys R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys R0 - [SgrmAgent] - System Guard Runtime Monitor Agent - C:\Windows\system32\Drivers\SgrmAgent.sys R0 - [spaceport] - Driver de Espaços de Armazenamento - C:\Windows\system32\Drivers\spaceport.sys R0 - [storahci] - Driver AHCI SATA Padrão da Microsoft - C:\Windows\system32\Drivers\storahci.sys R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\Windows\system32\Drivers\Tcpip.sys R0 - [vdrvroot] - Enumerador de Unidade Virtual Microsoft - C:\Windows\system32\Drivers\vdrvroot.sys R0 - [volmgr] - Driver de Gerenciador de Volumes - C:\Windows\system32\Drivers\volmgr.sys R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\Windows\system32\Drivers\volmgrx.sys R0 - [volsnap] - Driver de Cópia de Sombra de Volume - C:\Windows\system32\Drivers\volsnap.sys R0 - [volume] - Driver do volume - C:\Windows\system32\Drivers\volume.sys R0 - [Wdf01000] - Serviço de Estruturas de Driver em Modo Kernel - C:\Windows\system32\Drivers\Wdf01000.sys R0 - [WFPLWFS] - Plataforma para Filtros do Microsoft Windows - C:\Windows\system32\Drivers\WFPLWFS.sys R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\Windows\system32\Drivers\WindowsTrustedRT.sys R0 - [WindowsTrustedRTProxy] - Serviço de Proteção de Tempo de Execução Confiável do Microsoft Windows - C:\Windows\system32\Drivers\WindowsTrustedRTProxy.sys R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\Windows\system32\Drivers\tdx.sys R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys S0 - [WdBoot] - Driver de Inicialização do Windows Defender Antivirus - C:\Windows\system32\Drivers\WdBoot.sys S3 - [atapi] - Canal de IDE - C:\Windows\system32\Drivers\atapi.sys S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\Windows\system32\Drivers\Tcpip6.sys [x] ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3651943628-483799169-25154171-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\theilor\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "Battle.net"="C:\Program Files (x86)\Battle.net\Battle.net.exe --autostarted" "Discord"="C:\Users\theilor\AppData\Local\Discord\app-0.0.305\Discord.exe" "utweb"="C:\Users\theilor\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED" "EpicGamesLauncher"="C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent" "com.blitz.app"="C:\Users\theilor\AppData\Local\Blitz\Update.exe --processStart Blitz.exe --process-start-args --hidden" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\theilor\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "Battle.net"="C:\Program Files (x86)\Battle.net\Battle.net.exe --autostarted" "Discord"="C:\Users\theilor\AppData\Local\Discord\app-0.0.305\Discord.exe" "utweb"="C:\Users\theilor\AppData\Roaming\uTorrent Web\utweb.exe /MINIMIZED" "EpicGamesLauncher"="C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent" "com.blitz.app"="C:\Users\theilor\AppData\Local\Blitz\Update.exe --processStart Blitz.exe --process-start-args --hidden" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe " ==== Task Scheduler Jobs ====================== C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\Windows\explorer.exe [14/12/2019 01:36] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\BlueStacksHelper" [C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe] "C:\Windows\SysNative\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe] "C:\Windows\SysNative\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" ["C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"] "C:\Windows\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe] "C:\Windows\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\Windows\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\Windows\SysNative\tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\Windows\SysNative\tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\Windows\SysNative\tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\Windows\SysNative\tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\Windows\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-3651943628-483799169-25154171-1001" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1576273055" [C:\Users\theilor\AppData\Local\Programs\Opera\launcher.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{84D8D506-3CD0-4B8A-8E0B-C9CB4F3361DF}" [C:\Windows\system32\msfeedssync.exe] ==== Chromium Look ====================== Google Chrome Version: 79.0.3945.117 HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions hdkdmoacnkphoadmfidlhfdobieblphn - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx[] Slides - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Docs - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Sheets - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - theilor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 F2 - REG:system.ini: UserInit= ==== EOF on 14/01/2020 at 21:43:12,70 ======================
  3. então eu estava mexendo no meu computador hoje e percebi uma demora ao iniciar o windows então eu fui no msconfig, desativei alguns programas e passei para a parte de serviços e me deparei com esses serviços, todos eles na descrição tem algo associado a monitorar e também sempre que reinicio o computador tudo o que tem depois do " _ " muda então gostaria de saber se realmente é algo malicioso, E se for como eu poderia fazer para tirar. Atualizado com o scan. Obs.: nenhum deles tem dependência no windows.

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...

Aprenda_a_Ler_Resistores_e_Capacitores-capa-3d-newsletter.jpg

EBOOK GRÁTIS!

CLIQUE AQUI E BAIXE AGORA MESMO!