Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
A poucos dias notei que meu Pc esta dando uns pequenos freezs tanto em jogo, pagina de internet, programa de edição de fotos, em tudo que uso, ai usei o Combofix, ele achou que achou uma ameaça, mas mesmo assim não resolveu.
Combofix Log:
http://pjjoint.malekal.com/files.php?read=20141129_o8w14f8x12f8.
ZHPDiag Log:
http://pjjoint.malekal.com/files.php?read=20141129_q13h13p10m12h14
Boa Tarde! NARAKO
Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://hijackthis.nl/smeenk/Zoek-exe.png&key=258c0a7e2e2a8839d194a8a472a7fac8b2b0a57b6edfe01c0c75632b2d33ae07" alt="Zoek-exe.png" /> > ( ... by Smeenk )
< /applications/core/interface/imageproxy/imageproxy.php?img=http://www.imgdumper.nl/uploads6/51a612a8b2bc1/51a612a8b27e2-Zoek.png&key=b080d87f02699d418b53b08471d428294848da3b0e2385f0657dbc188036baad" alt="51a612a8b27e2-Zoek.png" />zoek.exe >
Salve-o ao desktop!
Desabilite seu antivírus!
Para Windows 7,execute zoek.exe como administrador.
autoclean;
emptyalltemp;Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
Clique "Run Script".
>
Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Zoek_Reboot_zpscf60b3cf.jpg&key=cd3dbc8b6058332b5ca134f03724ff8c45ff51d7f31a8c732301729c7a9e6c94" alt="Zoek_Reboot_zpscf60b3cf.jpg" />
Confirme o reboot!
>
zoek.hta failed by unknown error.
Restart computer, and try again.
Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
Poste o relatório,que estará em C:\zoek-results.txt <<
A+
Bom Dia! NARAKO
Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Logo2_zps580bcd78.jpg&key=71530441ef1621c6398a69f0f5fae6f7f5c87897579baf8487ec306c4e109626" alt="AdwCleaner_Logo2_zps580bcd78.jpg" /> > ( ... par Xplode )>
Ou daqui: < AdwCleaner >>
Ao acessar,clique em "Download Now".
Salve-o no desktop!
< /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" /> >
Clique direito em adwcleaner.exe,e escolha sua execução como administrador.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/AdwCleaner_Examinar_zps828ed634.jpg&key=ab3daa6c25adcfd393aa42949dcd0177a1c4f1dba193cc7c9704843f6ef97402" alt="AdwCleaner_Examinar_zps828ed634.jpg" />
Ps: Dê início ao scan,clicando em "Examinar".
< /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Limpar_zps06005ae9.jpg&key=e03b122437ba41a51aeb80130d87464e234beda92d71d6cab1205ee84e50d78e" alt="AdwCleaner_Limpar_zps06005ae9.jpg" /> >
Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
Copie o log ou clique "Relatório".
Poste: < C:\AdwCleaner\AdwCleaner[s0].txt >
A+
Adwcleaner Log: http://pjjoint.malekal.com/files.php?id=20141130_r9k13m15r12t5
depois que fiz a prate do zoek ja vi me lhora.... mas se tiver alguma coisa a + a fazer eu faço. ^^
Boa Tarde! NARAKO
Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/FRST_Logo.jpg&key=c15718bb8dd09587f9609594b5c08ed5e52c3c9d1c882702f6697f6f447d11bc" alt="FRST_Logo.jpg" /> > ( ... by Farbar )
No banner àcima,é para sistemas 32bits!
< Farbar Recovery Scan Tool 64-Bit >
No link àcima,é para sistemas 64bits!
Salve-o no desktop! (Área de trabalho ...)
Execute a ferramenta! Clique "Yes" >> "Scan".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/FRST_Addition_Scan_zpsa9fe21c8.jpg&key=57413e2cacfcda8498eac29552ca9f75b4e4f153241a12d409a31b0737393661" alt="FRST_Addition_Scan_zpsa9fe21c8.jpg" />
Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
Poste os relatórios! (FRST.txt + Addition.txt)
Como o log será extenso,envie-o à /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" /> >
/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acrVh6GY.jpg&key=a98031df11d71116e6fc6fe6586a03c4ab49a7be484751ed5881cb409d37ce42" alt="acrVh6GY.jpg" />
O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Copierlelien_zpsd51f499f.jpg&key=660428e74964025a431cba1b51ee2132f7bbee4aaf74172bd3f0a3be25c5b2b1" alt="Copierlelien_zpsd51f499f.jpg" />
Ou clique "**Copier le lien (*)" e cole o link ao seu Post**.
A+
Boa Tarde! NARAKO
Copie estas informações que estão em vermelho,para o Bloco de Notas.
Salve-a com o nome fixlist. << Texto!
Salve-a na pasta Downloads! /!\ C:\Users\Breno\Downloads /!\
start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3953213382-33664593-4059234609-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=111304&tt=3412_7&babsrc=HP_ss&mntrId=26be4e280000000000007071bc4e2fdd", "hxxp://search.babylon.com/?affID=110824&tt=4412_8&babsrc=HP_ss&mntrId=6c61473100000000000000224d48808a", "hxxp://br.hao123.com/?tn=opencd_hp_hao123_br", "hxxp://search.babylon.com/?affID=110824&tt=4512_2&babsrc=HP_ss&mntrId=5447336e00000000000000224d488094", "hxxp://search.babylon.com/?affID=110825&tt=0313_1&babsrc=HP_ss&mntrId=6c61473100000000000000224d48808a", "hxxp://astromenda.com/?f=7&a=ast_ir_14_39_ch&cd=2XzuyEtN2Y1L1QzuyCyEyD0AtDyEtDtCyEtD0D0ByEyByCyCtN0D0Tzu0SzyzytDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyB0B0DyD0EtA0BtGyD0AyDtAtGtCtA0C0FtG0CyDzz0BtGyEtBtD0D0F0C0CzyyC0D0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0C0D0B0E0DyDyE0AtGzz0B0FyDtGyEyEyD0EtGzz0FtCyDtG0EtD0DtAyDyB0E0A0FyByDtD2Q&cr=241189509&uref=308&ir="
S3 catchme; \??\C:\Users\Breno\AppData\Local\Temp\catchme.sys [X]
2014-11-30 14:43 - 2014-11-30 14:43 - 00000810 _____ () C:\Users\Breno\Desktop\AdwCleaner[R0].txt
2014-11-30 14:40 - 2014-11-30 14:41 - 00000000 ____D () C:\AdwCleaner
2014-11-30 14:39 - 2014-11-30 14:39 - 02148864 _____ () C:\Users\Breno\Downloads\adwcleaner_4.102 (1).exe
2014-11-30 00:28 - 2014-11-30 00:28 - 00007166 _____ () C:\Users\Breno\Desktop\zoek-results.txt
2014-11-30 00:28 - 2014-11-30 00:28 - 00000197 _____ () C:\Windows\system32\2014-11-30-03-28-03.068-AvastVBoxSVC.exe-2652.log
2014-11-30 00:23 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-30 00:07 - 2014-11-30 00:25 - 00007163 _____ () C:\zoek-results.log
2014-11-30 00:04 - 2014-11-30 00:21 - 00000000 ____D () C:\zoek_backup
2014-11-30 00:02 - 2014-11-30 00:05 - 00000000 ____D () C:\Users\Breno\Desktop\Zoek
2014-11-30 00:01 - 2014-11-30 00:02 - 04270204 _____ () C:\Users\Breno\Desktop\zoek.zip
2014-11-29 23:52 - 2014-11-29 23:52 - 00000197 _____ () C:\Windows\system32\2014-11-30-02-52-13.012-AvastVBoxSVC.exe-5360.log
2014-11-29 14:45 - 2014-11-29 14:45 - 00000360 _____ () C:\Windows\DirectX.log
2014-11-29 14:35 - 2014-11-29 14:35 - 00002328 _____ () C:\Users\Breno\Desktop\ZHPFix[R1].txt
2014-11-29 14:33 - 2014-11-29 14:33 - 00002328 _____ () C:\Users\Breno\Desktop\ZHPFixReport.txt
2014-11-29 14:33 - 2014-11-29 14:33 - 00002158 _____ () C:\script.txt
2014-11-29 14:31 - 2014-11-29 14:31 - 03520003 _____ (Nicolas Coolman ) C:\Users\Breno\Downloads\ZHPFix.exe
2014-11-29 14:31 - 2014-11-29 14:31 - 00001849 _____ () C:\Users\Public\Desktop\ZHPFix.lnk
2014-11-29 14:31 - 2014-11-29 14:31 - 00000000 ____D () C:\Program Files (x86)\ZHPFix
2014-11-29 14:16 - 2014-11-29 14:16 - 00000197 _____ () C:\Windows\system32\2014-11-29-17-16-22.028-AvastVBoxSVC.exe-1940.log
2014-11-29 10:00 - 2014-11-29 10:00 - 00123065 _____ () C:\ZHPDiag.txt
2014-11-29 09:58 - 2014-11-29 09:58 - 00123065 _____ () C:\Users\Breno\Desktop\ZHPDiag.txt
2014-11-29 09:46 - 2014-11-29 09:58 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2014-11-29 09:41 - 2014-11-29 14:33 - 00000000 ____D () C:\Users\Breno\AppData\Roaming\ZHP
2014-11-29 09:41 - 2014-11-29 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-11-29 09:41 - 2014-11-29 09:41 - 06864042 _____ (Nicolas Coolman ) C:\Users\Breno\Downloads\ZHPDiag2.exe
2014-11-29 09:41 - 2014-11-29 09:41 - 00001987 _____ () C:\Users\Breno\Desktop\ZHPFix.lnk
2014-11-29 09:41 - 2014-11-29 09:41 - 00001860 _____ () C:\Users\Breno\Desktop\ZHPDiag.lnk
2014-11-29 09:41 - 2014-11-29 09:41 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-11-29 03:03 - 2014-11-29 03:03 - 00042009 _____ () C:\Users\Breno\Desktop\1344 2012-10-19 17.47.txt
2014-11-28 19:32 - 2014-11-28 19:32 - 00026749 _____ () C:\ComboFix.txt
2014-11-28 19:27 - 2014-11-28 19:27 - 00000197 _____ () C:\Windows\system32\2014-11-28-22-27-49.091-AvastVBoxSVC.exe-4448.log
2014-11-28 19:14 - 2014-11-28 19:32 - 00000000 ____D () C:\Qoobox
2014-11-28 19:14 - 2011-06-26 03:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-28 19:14 - 2010-11-07 14:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-28 19:14 - 2009-04-20 01:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-28 19:14 - 2000-08-30 21:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-28 19:13 - 2014-11-28 19:13 - 05577449 ____R (Swearware) C:\Users\Breno\Downloads\ComboFix.exe
2014-11-28 18:54 - 2014-11-28 18:54 - 00000197 _____ () C:\Windows\system32\2014-11-28-21-54-26.059-AvastVBoxSVC.exe-5140.log
2014-11-28 13:06 - 2014-11-28 13:06 - 00000197 _____ () C:\Windows\system32\2014-11-28-16-06-29.007-AvastVBoxSVC.exe-3584.log
2014-11-27 11:10 - 2014-11-27 11:10 - 00000197 _____ () C:\Windows\system32\2014-11-27-14-10-07.000-AvastVBoxSVC.exe-5812.log
2014-11-26 13:11 - 2014-11-26 13:11 - 00000197 _____ () C:\Windows\system32\2014-11-26-16-11-57.076-AvastVBoxSVC.exe-4440.log
2014-11-25 20:56 - 2014-11-25 20:56 - 00000247 _____ () C:\Windows\system32\2014-11-25-23-56-25.058-aswFe.exe-7152.log
2014-11-25 20:51 - 2014-11-25 20:56 - 00000247 _____ () C:\Windows\system32\2014-11-25-23-51-23.019-aswFe.exe-4808.log
2014-11-25 20:51 - 2014-11-25 20:51 - 00000197 _____ () C:\Windows\system32\2014-11-25-23-51-20.001-AvastVBoxSVC.exe-6712.log
2014-11-25 20:43 - 2014-11-30 00:24 - 00059588 _____ () C:\Windows\PFRO.log
2014-11-25 19:08 - 2014-12-01 12:56 - 00002688 _____ () C:\Windows\setupact.log
2014-11-25 19:08 - 2014-11-25 19:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-15 14:45 - 2014-11-15 14:45 - 00007044 _____ () C:\Users\Breno\Desktop\h_r_m_txtres_us_02.txt
2014-11-15 14:44 - 2014-11-15 14:44 - 00091668 _____ () C:\Users\Breno\Desktop\h_r_b_txtres_us_01.ztr.txt
2014-11-14 18:34 - 2014-11-14 18:34 - 00000017 _____ () C:\Users\Breno\Desktop\oi cancelamento.txt
2014-11-29 14:33 - 2014-10-11 14:13 - 00000000 ____D () C:\Windows\AutoKMS
C:\Users\Breno\AppData\Local\Temp\sfamcc00001.dll
emptytemp:
end
Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
Na mensagem,clique Executar.
Poste o relatório! (Fixlog.txt)
A+
Boa Noite! NARAKO
Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/ZHPCleaner_zps71d274df.jpg&key=dfc2cbaf1226075546950032c506270c0439c57203ca7c527f7221c835e7cf3f" alt="ZHPCleaner_zps71d274df.jpg" /> > ( ... de Nicolas Coolman )
Estando na página,clique /applications/core/interface/imageproxy/imageproxy.php?img=http://www.nicolascoolman.fr/wp-content/plugins/wpdm-download-button/images/53cb8e11d3f80.jpg&key=f22e14f8b88ac073f4ac557679cbd6389de0f76ac82b2205e2eabc90b05b4280" alt="53cb8e11d3f80.jpg" />
Salve-a no desktop!
Execute-a e ao abrir,clique "J'accept/I Agree".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPCleaner_Tous_zpsae2ad662.jpg&key=8b4849d5007434c317e90970a3351c9e3031bbefb01ed9802d54bb1d1596fa7a" alt="ZHPCleaner_Tous_zpsae2ad662.jpg" />
Para correções mais abrangentes,marque todas as opções disponíveis.
Clique Réparer.
Clique Rapport.
Poste o relatório!
A+
Tópico Arquivado
Como o autor não respondeu por mais de 10 dias, o tópico foi arquivado.
Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.
Boa Tarde! NARAKO
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
[MD5.00000000000000000000000000000000] [APT] [{B3851660-BA40-4B35-B605-40C26DC80247}] (...) -- C:\Program Files (x86)\Dark Souls II Crown of the Ivory King\Game\DarkSoulsII.exe (.not file.) [0]
[MD5.C746CD166372F3C6F364B62F2C2C8B20] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe [3738624]
[MD5.32EB6532B59AE00571940904935C2984] [APT] [AutoPico Daily Restart] (.@ByELDI.) -- C:\Users\Breno\Desktop\kim\Portable_StonyRay_Stable_v10.0.1\KMSpico Portable\AutoPico.exe [966336]
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Chave orfã
O42 - Logiciel: KMSpico - (...) [HKLM][64Bits] -- {8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
O42 - Logiciel: KMSpico 8.7 - (...) [HKLM][64Bits] -- KMSpico v8.7_is1
O42 - Logiciel: KMSpico v9.0.5.20131112 - (...) [HKLM][64Bits] -- KMSpico_is1
O43 - CFD: 01/10/2014 - 12:03:20 - [] ----D C:\ProgramData\boost_interprocess
O44 - LFC:[MD5.52D2A02797FE24EE78B39CFA626DD13E] - 25/11/2014 - 08:56:20 ---A- . (...) -- C:\Windows\System32\2014-11-25-23-51-23.019-aswFe.exe-4808.log [247]
O44 - LFC:[MD5.05D1CE334D05028E1BFE984FA55147CD] - 25/11/2014 - 08:56:27 ---A- . (...) -- C:\Windows\System32\2014-11-25-23-56-25.058-aswFe.exe-7152.log [247]
O53 - SMSR:HKLM\...\startupreg\Chew7Hale [Key] . (...) -- C:\Windows\System32\hale.exe
O61 - LFC: 29/11/2014 - 09:57:26 ---A- . (...) -- C:\Users\Breno\AppData\Local\Temp\sfareca00001.dll [158720]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico v8.7_is1]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1]
[HKCU\Software\Conduit]
[HKCU\Software\Softonic]
[HKCU\Software\ParetoLogic]
[HKLM\Software\Chew7]
[HKLM\Software\Wow6432Node\ParetoLogic]
C:\ProgramData\ParetoLogic
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
C:\Users\Breno\AppData\Roaming\ParetoLogic
C:\Windows\AutoKMS\AutoKMS.exe
C:\Users\Breno\Desktop\kim\Portable_StonyRay_Stable_v10.0.1\KMSpico Portable\AutoPico.exe
sysrestore
A+