Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

.matiello

[Resolvido] Verificação de Log

Recommended Posts

Olá, gostaria de ajuda para verificação. Percebi que estou com algum tipo de vírus no meu email(hotmail). Recebi um email, vindo de mim mesmo. Passei o Malwarebytes e rodei o McAfee, mas a situação continua a mesma.

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:38:44 PM, on 20-Jun-15
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\puush\puush.exe
C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
C:\Users\henri_000\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [GoPro Studio Importer] C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\henri_000\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [puush] C:\Program Files (x86)\puush\puush.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\henri_000\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\henri_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [spotify] "C:\Users\henri_000\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [bankerFixV3] \LinhaDefensiva\rotinas\postreboot.bat
O4 - Global Startup: GoPro Importer.lnk = C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: My Dell Client Framework - Dell Inc. - C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 16805 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites
/!\ Bom Dia! matiello /!\


> Aparentemente,não malwares em execução!


> Abra o HijackThis.

> Clique: Do a system scan only


O4 - HKCU\..\Run: [Facebook Update] "C:\Users\henri_000\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver


O4 - HKCU\..\Run: [bankerFixV3] \LinhaDefensiva\rotinas\postreboot.bat


> Marque estas entradas que estão em vermelho! ( Assinale as caixinhas! )

> Clique,para finalizá-las,em Fix checked.


> Baixe: < ZHPDiag2.exe > < NicolasCoolman.jpg > ( ... de Nicolas Coolman )

> Ou aqui! << Link!

> Ou aqui! << Mirror!


pSGTOt0.jpg


> Se o download não iniciar,automáticamente,vá em "clique aqui",para outro link alternativo.

> Salve-o no disco local! ( C ou D )

> Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.


ZHPDiag_Pergaminho2_zps6e758639.jpg


> Execute o ícone do pergaminho. ( ZHPDiag )


Vnc4TryL.jpg


> Clique "COMPLETA" e aguarde a conclusão!

> Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt )

> Ps: Como o log será extenso,envie-o à Pjjoint.malekal.


> Ou acesse: < Cjoint_Logo.jpg >


> Maiores informações: < |Link| > << Hospedagem!


A+

Compartilhar este post


Link para o post
Compartilhar em outros sites
/!\ Bom Dia! .matiello /!\

A atividade de spam no hotmail seria detectado pelo hijack?

> Não!
> Execute este script na ferramenta ZHPFix.
> Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
> Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
> À seguir,minimize o Bloco de Notas.
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyCLSID
EmptyTemp
EmptyFlash
HiddenFix
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001Core] (.Facebook Inc..) -- C:\Users\henri_000\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001UA] (.Facebook Inc..) -- C:\Users\henri_000\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.140237BA8BD1AAC665893A4A456ABDD9] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [3732480]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001Core.job [940]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001Core [940]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001UA.job [962]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001UA [962]
[HKCU\Software\AppDataLow\Software\BackgroundContainerV2]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow\Software\TbccintSearchScopes]
[HKCU\Software\AppDataLow\Software\Tbccint]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\Conduit]
[HKLM\Software\Wow6432Node\Conduit]
[HKCU\Software\AppDataLow\Software\TbccintSearchScopes]
[HKCU\Software\AppDataLow\Software\Tbccint]
[HKCU\Software\Conduit]
[HKLM\Software\Wow6432Node\Conduit]
sysrestore
> Abra a ferramenta ZHPFix. < ZHPFix_logo2_zpsea0f2aa4.jpg >
> Clique IMPORTAÇÃO >> OK.
> Ps: Ao clicar "OK",verifique se o campo está limpo para que receba,somente,as informações do script.
> Clique "GO".
> Poste o relatório!
434264.gif
< Peço aos visitantes que não utilizem este script em seus computadores,sob risco de danos aos mesmos! >
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites
Rapport de ZHPFix 2015.4.9.5 par Nicolas Coolman, Update du 18/03/2015

Fichier d'export Registre :

Run by henri_000 at 21-Jun-15 12:05:47 AM

High Elevated Privileges : OK

Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)


Recycle Bin emptied (07mn AMs)

Prefetcher emptied


========== Registry keys ==========

REMOVES: HKCU\Software\AppDataLow\Software\BackgroundContainerV2

REMOVES: HKCU\Software\AppDataLow\Software\Smartbar

REMOVES: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

REMOVES: HKCU\Software\AppDataLow\Toolbar

REMOVES: HKCU\Software\AppDataLow\Software\TbccintSearchScopes

REMOVES: HKCU\Software\AppDataLow\Software\Tbccint

REMOVES: HKCU\Software\Conduit

REMOVES: HKLM\Software\Wow6432Node\Conduit


========== Registry values ==========

ABSENT value Standard Profile: FirewallRaz :

ABSENT value Domain Profile: FirewallRaz :

REMOVES: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}

REMOVES: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}


========== Folders ==========

No folders empty CLSID Local user

Deletes temporary Windows (250)

REMOVES Flash Cookies (0)


========== Files ==========

Deletes temporary Windows (168) (101,597,675 octets)

REMOVES Flash Cookies (0) (0 octets)


========== Scheduled task ==========

REMOVES: FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001Core

REMOVES: FacebookUpdateTaskUserS-1-5-21-2481831376-2314398108-120359188-1001UA

REMOVES: AutoKMS

REMOVES: AutoKMS

REMOVES: AutoKMS


========== Hidden folders/files restored ==========

Mes images (My Pictures) : 27 restored successfully

Ma musique (My Music) : 295 restored successfully

Ma Video (My Video) : 34 restored successfully

Mes Favoris (My Favorites) : 2 restored successfully

Mes Documents (My Documents) : 13 restored successfully

Mon Bureau (My Desktop) : 9 restored successfully

Menu demarrer (Programs) : 8 restored successfully

Dossier utilisateur (AppData) : 24 restored successfully

Programmes (Program Files) : 6 restored successfully


========== System restore ==========

The system successfully created restore point



========== Summary ==========

8 : Registry keys

4 : Registry values

3 : Folders

2 : Files

5 : Scheduled task

418 : Hidden folders/files restored

1 : System restore



End of clean in 51mn AMs


========== Path to file report ==========

C:\Users\henri_000\AppData\Roaming\ZHP\ZHPFix[R1].txt - 21-Jun-15 12:05:55 AM [2453]

Compartilhar este post


Link para o post
Compartilhar em outros sites
/!\ Boa Tarde! .matiello /!\




> Seu hotmail pode ter sido hackeado.

> Utilize o Yahoo Mail,por um período,até que esta situação seja sanada!


> Baixe: < AdwCleaner_Logo2_zps580bcd78.jpg > ( ... par Xplode )


> Ou daqui: < AdwCleaner >

> Ao acessar,clique em "Download Now".


> Salve-o no desktop!


< Executar_Administrador.jpg >


> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.


AdwCleaner_Examinar_zps828ed634.jpg


> Ps: D� início ao scan,clicando em "Examinar".


AdwCleaner_Limpar_zps06005ae9.jpg


> Ao concluir,clique "Limpar" ou "Cleaning" >> Ok >> Ok >> Ok.

> Copie o log ou clique "Relatorio".

> Poste: < C:\AdwCleaner\AdwCleaner[s0].txt >


A+

Compartilhar este post


Link para o post
Compartilhar em outros sites
# AdwCleaner v4.206 - Logfile created 21/06/2015 at 10:29:30

# Updated 01/06/2015 by Xplode

# Database : 2015-06-17.1 [server]

# Operating system : Windows 8.1 (x64)

# Username : henri_000 - MATIELLO

# Running from : C:\Users\henri_000\Desktop\AdwCleaner.exe

# Option : Cleaning


***** [ Services ] *****



***** [ Files / Folders ] *****


Folder Deleted : C:\Users\henri_000\AppData\LocalLow\Tbccint

File Deleted : C:\END

File Deleted : C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage

File Deleted : C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal


***** [ Scheduled tasks ] *****



***** [ Shortcuts ] *****



***** [ Registry ] *****


Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}


***** [ Web browsers ] *****


-\\ Internet Explorer v11.0.9600.17840



-\\ Google Chrome v43.0.2357.124


[C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] :

[C:\Users\henri_000\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [startup_URLs] : 37D9568D348EDF77F73A1F3B60F5F1DC09EC5836273DBFD66B1861B28A7DF3A3"},"software_reporter":{"prompt_reason":"0A3B07BAE36CA2D73D136CCD3274D8D147C1F8DB2A45A9E0EFF9CB91A2D0D7BF","prompt_seed":"B92681C4F460C884C06B644CE183287A00277DF0B915BA2655D31E35D49CAAD7","prompt_version":"4D7B1E0830276285685D136008D1257DD2646E40075D625BF90A7F0524AE40C8"},"sync":{"remaining_rollback_tries":"5A360A4BDB99EAE5A7815F84710BD9A008F6A465BECEBE95DBE4635EB9AD6F5C"}},"super_mac":"E9C66AA2DDC8BEB524F90044DB9B7370D7F24D237FAA78D302E320FDAFA9983E"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://istart.webssearches.com/?type=hppp&ts=1398804259&from=tugs&uid=WDCXWD5000AAKS-00V1A0_WD-WMAWF118870488704


*************************


AdwCleaner[R0].txt - [7047 bytes] - [21/06/2015 10:24:50]

AdwCleaner[s0].txt - [2204 bytes] - [21/06/2015 10:29:30]


########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2263 bytes] ##########

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Boa Noite! .matiello /!\

 

zx4ZII3H.jpg
> Abra a ferramenta AdwCleaner e clique em "Desinstalar".
> Confirme a solicitação!

> Baixe: < 1268r49.png > ( ... by Oleg N. Scherbakov )
> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ...
Executar_Administrador.jpg
KRBKDhB8.jpg
> Aguarde a conclusão e poste o relatório. ( JRT.txt )
A+

 

Compartilhar este post


Link para o post
Compartilhar em outros sites
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 7.0.3 (06.19.2015:1)

OS: Windows 8.1 x64

Ran by henri_000 on 21-Jun-15 at 13:34:53.25

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





~~~ Services




~~~ Tasks


Successfully deleted: [Task] C:\Windows\system32\tasks\PCDEventLauncherTask

Successfully deleted: [Task] C:\Windows\system32\tasks\PCDoctorBackgroundMonitorTask




~~~ Registry Values




~~~ Registry Keys




~~~ Files




~~~ Folders


Successfully deleted: [Folder] C:\ProgramData\pcdr

Successfully deleted: [Folder] C:\Users\henri_000\AppData\Roaming\pcdr

Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin




~~~ Chrome



[C:\Users\henri_000\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset


[C:\Users\henri_000\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:


[C:\Users\henri_000\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset


[C:\Users\henri_000\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

[]






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 21-Jun-15 at 13:45:13.29

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Bom Dia! .matiello /!\

 

> Baixe: < FRST_Logo.jpg > ( ... by Farbar )
> No banner àcima,é para sistemas 32bits!
> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".
FRST_Addition_Scan_zpsa9fe21c8.jpg
> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)
> Como o log será extenso,envie-o à Cjoint_Logo.jpg >
EUE4tdb.jpg
> Clique no botão Parcourir...
> Busque o relatório e clique no botão Abrir.
> Clique no botão "Créer le lien Cjoint".
> Copie o link que está ao lado de "Le lien a été créé" e poste-o em sua resposta.
acrVh6GY.jpg
> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
Copierlelien_zpsd51f499f.jpg
> Ou clique "Copier le lien (*)" e cole o link ao seu Post.
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites
/!\ Bom Dia! .matiello /!\


> Baixe: < CTR_Logo_zpsd76553a2.jpg > ( ... de Pierre 13 )

> Caso encontre dificuldades ou bloqueio ao realizar o download,utilize o navegador Internet Explorer.

> Salve-a no desktop!

> Para Windows 7 e 8,execute-a com clique direito do mouse.

> Desabilite seu antivírus!


8vq7ma.jpg


> Escolha: Executar como administrador! ( Windows Vista, 7 ,8 e 8.1 ) (32 e 64 bits)

> Para Windows XP,basta duplo-clique em CTR.exe.

> Aguarde a finalização,que é rápida!

> Poste o relatório! ( CTR.txt )


> Copie estas informações que estão em vermelho,para o Bloco de Notas.

> Salve-as com o nome fixlist. << Texto!

> Salve-as no desktop! ( Área de trabalho ... ) -/- C:\Users\henri_000\Desktop <<


start

CloseProcesses:

emptytemp:

HKU\S-1-5-21-2481831376-2314398108-120359188-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

2015-06-21 13:45 - 2015-06-21 13:45 - 00001422 _____ C:\Users\henri_000\Desktop\JRT.txt

2015-06-21 13:35 - 2015-06-21 13:35 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MATIELLO-Windows-8.1-(64-bit).dat

2015-06-21 13:32 - 2015-06-21 13:33 - 02950750 _____ (Thisisu) C:\Users\henri_000\Desktop\JRT.exe

2015-06-21 00:05 - 2015-06-21 00:05 - 00002539 _____ C:\Users\henri_000\Desktop\ZHPFixReport.txt

2015-06-20 21:59 - 2015-06-20 21:59 - 00122900 _____ C:\Users\henri_000\Desktop\ZHPDiag.txt

2015-06-20 21:57 - 2015-06-20 21:57 - 00000512 _____ C:\PhysicalDisk0_MBR.bin

2015-06-20 21:52 - 2015-06-21 00:05 - 00000000 ____D C:\Users\henri_000\AppData\Roaming\ZHP

2015-06-20 21:52 - 2015-06-20 21:52 - 00002005 _____ C:\Users\henri_000\Desktop\ZHPFix.lnk

2015-06-20 21:52 - 2015-06-20 21:52 - 00001874 _____ C:\Users\henri_000\Desktop\ZHPDiag.lnk

2015-06-20 21:52 - 2015-06-20 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

2015-06-20 21:52 - 2015-06-20 21:52 - 00000000 ____D C:\Program Files (x86)\ZHPDiag

2015-06-20 21:50 - 2015-06-20 21:51 - 06880102 _____ (Nicolas Coolman ) C:\Users\henri_000\Downloads\ZHPDiag2.exe

2015-06-20 17:30 - 2015-06-20 17:30 - 00000000 ____D C:\Users\henri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

2015-06-20 17:30 - 2015-06-20 17:30 - 00000000 ____D C:\Program Files (x86)\Trend Micro

2015-06-20 17:27 - 2015-06-20 17:38 - 00000000 ____D C:\HijackThis

CreateRestorePoint:

Reboot:

end


> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!

> Na mensagem,clique Executar.

> Poste o relatório! (Fixlog.txt)


434264.gif

< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >


A+

Compartilhar este post


Link para o post
Compartilhar em outros sites
Fix result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01

Ran by henri_000 at 2015-06-23 12:21:47 Run:1

Running from C:\Users\henri_000\Desktop

Loaded Profiles: henri_000 (Available Profiles: henri_000)

Boot Mode: Normal

==============================================


fixlist content:

*****************

start

CloseProcesses:

emptytemp:

HKU\S-1-5-21-2481831376-2314398108-120359188-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

2015-06-21 13:45 - 2015-06-21 13:45 - 00001422 _____ C:\Users\henri_000\Desktop\JRT.txt

2015-06-21 13:35 - 2015-06-21 13:35 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MATIELLO-Windows-8.1-(64-bit).dat

2015-06-21 13:32 - 2015-06-21 13:33 - 02950750 _____ (Thisisu) C:\Users\henri_000\Desktop\JRT.exe

2015-06-21 00:05 - 2015-06-21 00:05 - 00002539 _____ C:\Users\henri_000\Desktop\ZHPFixReport.txt

2015-06-20 21:59 - 2015-06-20 21:59 - 00122900 _____ C:\Users\henri_000\Desktop\ZHPDiag.txt

2015-06-20 21:57 - 2015-06-20 21:57 - 00000512 _____ C:\PhysicalDisk0_MBR.bin

2015-06-20 21:52 - 2015-06-21 00:05 - 00000000 ____D C:\Users\henri_000\AppData\Roaming\ZHP

2015-06-20 21:52 - 2015-06-20 21:52 - 00002005 _____ C:\Users\henri_000\Desktop\ZHPFix.lnk

2015-06-20 21:52 - 2015-06-20 21:52 - 00001874 _____ C:\Users\henri_000\Desktop\ZHPDiag.lnk

2015-06-20 21:52 - 2015-06-20 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

2015-06-20 21:52 - 2015-06-20 21:52 - 00000000 ____D C:\Program Files (x86)\ZHPDiag

2015-06-20 21:50 - 2015-06-20 21:51 - 06880102 _____ (Nicolas Coolman ) C:\Users\henri_000\Downloads\ZHPDiag2.exe

2015-06-20 17:30 - 2015-06-20 17:30 - 00000000 ____D C:\Users\henri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

2015-06-20 17:30 - 2015-06-20 17:30 - 00000000 ____D C:\Program Files (x86)\Trend Micro

2015-06-20 17:27 - 2015-06-20 17:38 - 00000000 ____D C:\HijackThis

CreateRestorePoint:

Reboot:

end

*****************


Processes closed successfully.

HKU\S-1-5-21-2481831376-2314398108-120359188-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully

PCDSRVC{3B54B31B-D06B6431-06020200}_0 => Service removed successfully

C:\Users\henri_000\Desktop\JRT.txt => moved successfully.

C:\Windows\tweaking.com-regbackup-MATIELLO-Windows-8.1-(64-bit).dat => moved successfully.

C:\Users\henri_000\Desktop\JRT.exe => moved successfully.

C:\Users\henri_000\Desktop\ZHPFixReport.txt => moved successfully.

C:\Users\henri_000\Desktop\ZHPDiag.txt => moved successfully.

C:\PhysicalDisk0_MBR.bin => moved successfully.

C:\Users\henri_000\AppData\Roaming\ZHP => moved successfully.

C:\Users\henri_000\Desktop\ZHPFix.lnk => moved successfully.

C:\Users\henri_000\Desktop\ZHPDiag.lnk => moved successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => moved successfully.

C:\Program Files (x86)\ZHPDiag => moved successfully.

C:\Users\henri_000\Downloads\ZHPDiag2.exe => moved successfully.

C:\Users\henri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis => moved successfully.

C:\Program Files (x86)\Trend Micro => moved successfully.

C:\HijackThis => moved successfully.

Restore point was successfully created.

EmptyTemp: => 2 GB temporary data Removed.



The system needed a reboot..


==== End of Fixlog 12:23:06 ====

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Bom Dia! .matiello /!\

 

> Poste o relatório da ferramenta CTR.

 

> Baixe: < SFT_Icon_zpsf8e1bf56.pngSFTGC > ( ... de Pierre13 )
> Tendo dificuldades no download,utilize o navegador Internet Explorer.
> Salve-o no desktop!
> Para Windows Vista e 7,execute "SFTGC.exe" como administrador!
SFTGC_Go_zps151dad06.jpg
> Execute-o e clique "Go".
> Aguarde seu término,que é rápido.
> Poste o relatório! ( SFT.txt )
> Ps: De acordo com o tamanho do relatório,não poste-o diretamente!
> Acesse,para esta tarefa! < Cjoint_Logo.jpg >
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Bom Dia! .matiello /!\

 

> O relatório da ferramenta CTR,pode ser colado diretamente em seu Post.

 

> Caso não haja mais problemas,remova as ferramentas que foram utilizadas na desinfecção!
> Baixe: < delfix_108_zps75ef8ba4.jpg > ( ... de Xplode )
DelFix_Download_zpsb5d944c7.jpg
> Link alternativo: < delfix_1.010.exe >
> Estando na página,clique em Download Now.
> Salve-a em um local conveniente! ( desktop! )
> Feche aplicativos que estejam abertos.
a2UgMDf.jpg
> Remover ferramentas de desinfecção
> Criar backup do registro
> Limpar pontos da restauração do sistema
> Redefinir as configurações do sistema
> Com estas caixinhas marcadas,clique Executar!
> Reinicie o computador ao concluir!
> Tudo Ok?
A+

Compartilhar este post


Link para o post
Compartilhar em outros sites
Rapport de Contrôle restrictions Pierre13 (CTR version 2.0.0.2 ) du 23\06\2015 à 12:19:03

PC de henri_000

Windows 8.1 (64 bits)


Réparation erreur 2203 effectuée.


Contrôle présence restrictions


[TROJ_POWELIKS.B] clé feature_browser_emulation supprimée.

[bKDR_BLACKEN.A] clé Check_Associations supprimée.

[bKDR_BLACKEN.A] clé DisableFirstRunCustomize supprimée.

[bKDR_BLACKEN.A] clé WarnOnClose corrigée.

Autorisation installation sponsor Java(x86) supprimée.

Autorisation installation sponsor Java(x64) supprimée.

Restriction Affichage Documents récents supprimée.

Restriction Affichage Documents supprimée.

Restriction synchronisation en arrière-plan des flux d’informations et des Web Slices supprimée.

Restriction découverte des flux RSS et des Web Slices supprimée.

Pavé numérique activé.

Restriction utilisateur pour Windows Installer supprimée.

Recherche Windows Update rétablie.

Service Pare feu Windows activé.

Paramètres Pare feu Windows rétablis par défaut et activé.


237 restrictions contrôlées.


14 restriction(s) réparée(s).

Re démarrer le PC pour prendre en compte la ou les réparations.



Le rapport est sur le bureau (C:\Users\henri_000\Desktop\CTR.txt)

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Olá! .matiello /!\

 

> Seus logs estão limpos! :)

> Seu hotmail ainda apresenta problemas?

 

A+

Compartilhar este post


Link para o post
Compartilhar em outros sites

/!\ Olá! .matiello /!\

 

> Normalmente a DelFix autodesinstala durante sua execução!

> Quanto ao SFTGC e CTR,pode excluir pastas,arquivos ou atalhos!

 

> Bom trabalho!

 

Abs!

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.