Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Boa tarde pc lento, navegadores travando,
seguelog...
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:48:06, on 10/01/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbwmgr.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Program Files (x86)\Hotspot Shield\bin\fbw.exe
C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Usuario\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.br/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Google Update] "C:\Users\Usuario\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: internetbankingpf.caixa.gov.br
O15 - Trusted Zone: www.caixa.gov.br
O15 - Trusted Zone: http://www.caixa.gov.br
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe--
End of file - 12041 bytes
/!\ Boa Noite! Ionara /!\
Copie estas informações que estão em vermelho,para o Bloco de Notas.
Salve-as com o nome fixlist. << Texto!
Salve-as no desktop! (** Área de trabalho ... ) -/- C:\Users\Usuario\Desktop** <<
start
CloseProcesses:
HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ProxyServer: [s-1-5-21-4088202244-695289871-602143169-1000] => http=127.0.0.1:8555;https=127.0.0.1:8555
S1 mosfilterdrv; system32\drivers\mosfilterdrv.sys [X]
2014-11-23 16:01 - 2014-11-23 16:01 - 0000227 _____ () C:\ProgramData\bc.ini
Task: {03E994D3-08A5-49AD-A554-45B7586F719F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {10111258-6185-408B-B840-D1A5217426D5} - System32\Tasks\{81A286C5-ECF0-4FAA-B8E6-3CA71606D8AF} => pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46DWYPP1\iGBPCEFgb[1].exe" -d C:\Users\Usuario\DesktopTask: {676D6BF7-39DD-4EB4-9E2F-56C539EC78AB} - System32\Tasks\{0AAEEAEA-C5AB-421D-BC73-74825497DC95} => pcalua.exe -a E:\SETUP.EXE -d E:\
FirewallRules: [{9FE50098-C291-4DEE-A513-96CCBE97AEC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88B40F6B-6F87-4533-BABB-570F0012811B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{284BCC4D-83B2-40E4-B4C6-172D3D4D79C7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2B24B699-D0DC-49C2-AC91-1170C4EF5CA2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{51BA35DA-78EF-49C6-89FD-D34D8E5A4D24}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{9C886FBD-D72D-4B63-9D6D-CE2D7474533E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{77B688FD-1973-44A1-9420-67BFFF11C117}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{4A183D4D-107A-45FC-AB8E-E290BADEE126}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{26D2B37B-8D94-46A7-98EA-3B3E40437CF2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeExecute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
Na mensagem,clique Executar.
Poste o relatório! (Fixlog.txt)
/applications/core/interface/imageproxy/imageproxy.php?img=http://r17.imgfast.net/users/1712/29/07/67/smiles/434264.gif&key=8b580fd8c41338fe0925cd84ba4dbbb4293b15fe6a04cbd03d242b4e86624720" alt="434264.gif" />
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >
A+
Boa noite,
segue log.
Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão:10-01-2015 01
Executado por Usuario (2016-01-12 20:37:45) Run:1
Executando a partir de C:\Users\Usuario\Desktop
Perfis Carregados: Usuario (Perfis Disponíveis: Usuario & Reparo & Convidado)
Modo da Inicialização: Normal
==============================================
fixlist Conteúdo:
*****************
start
CloseProcesses:
HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ProxyServer: [s-1-5-21-4088202244-695289871-602143169-1000] => http=127.0.0.1:8555;https=127.0.0.1:8555
S1 mosfilterdrv; system32\drivers\mosfilterdrv.sys [X]
2014-11-23 16:01 - 2014-11-23 16:01 - 0000227 _____ () C:\ProgramData\bc.ini
Task: {03E994D3-08A5-49AD-A554-45B7586F719F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {10111258-6185-408B-B840-D1A5217426D5} - System32\Tasks\{81A286C5-ECF0-4FAA-B8E6-3CA71606D8AF} => pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46DWYPP1\iGBPCEFgb[1].exe" -d C:\Users\Usuario\DesktopTask: {676D6BF7-39DD-4EB4-9E2F-56C539EC78AB} - System32\Tasks\{0AAEEAEA-C5AB-421D-BC73-74825497DC95} => pcalua.exe -a E:\SETUP.EXE -d E:\
FirewallRules: [{9FE50098-C291-4DEE-A513-96CCBE97AEC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88B40F6B-6F87-4533-BABB-570F0012811B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{284BCC4D-83B2-40E4-B4C6-172D3D4D79C7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2B24B699-D0DC-49C2-AC91-1170C4EF5CA2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{51BA35DA-78EF-49C6-89FD-D34D8E5A4D24}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{9C886FBD-D72D-4B63-9D6D-CE2D7474533E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{77B688FD-1973-44A1-9420-67BFFF11C117}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{4A183D4D-107A-45FC-AB8E-E290BADEE126}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{26D2B37B-8D94-46A7-98EA-3B3E40437CF2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeProcessos fechados com sucesso.
HKU\S-1-5-21-4088202244-695289871-602143169-1000\Software\Microsoft\Windows\CurrentVersion\Run\\KSS => valor removido (a) com sucesso.
HKU\S-1-5-21-4088202244-695289871-602143169-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valor não encontrado (a).
mosfilterdrv => serviço removido (a) com sucesso.
C:\ProgramData\bc.ini => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03E994D3-08A5-49AD-A554-45B7586F719F}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03E994D3-08A5-49AD-A554-45B7586F719F}" => chave removido (a) com sucesso.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10111258-6185-408B-B840-D1A5217426D5}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10111258-6185-408B-B840-D1A5217426D5}" => chave removido (a) com sucesso.
C:\Windows\System32\Tasks\{81A286C5-ECF0-4FAA-B8E6-3CA71606D8AF} => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{81A286C5-ECF0-4FAA-B8E6-3CA71606D8AF}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5752978-ED90-4313-8304-6BA9B63DB3D3}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5752978-ED90-4313-8304-6BA9B63DB3D3}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4C00E39F-EC56-418C-8BED-28239473F78A}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E80D6459-376F-4A79-9847-01B95C21C281}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E80D6459-376F-4A79-9847-01B95C21C281}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{676D6BF7-39DD-4EB4-9E2F-56C539EC78AB}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{676D6BF7-39DD-4EB4-9E2F-56C539EC78AB}" => chave removido (a) com sucesso.
C:\Windows\System32\Tasks\{0AAEEAEA-C5AB-421D-BC73-74825497DC95} => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0AAEEAEA-C5AB-421D-BC73-74825497DC95}" => chave removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9FE50098-C291-4DEE-A513-96CCBE97AEC8} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{88B40F6B-6F87-4533-BABB-570F0012811B} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{284BCC4D-83B2-40E4-B4C6-172D3D4D79C7} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B24B699-D0DC-49C2-AC91-1170C4EF5CA2} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51BA35DA-78EF-49C6-89FD-D34D8E5A4D24} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C886FBD-D72D-4B63-9D6D-CE2D7474533E} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77B688FD-1973-44A1-9420-67BFFF11C117} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A183D4D-107A-45FC-AB8E-E290BADEE126} => valor removido (a) com sucesso.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26D2B37B-8D94-46A7-98EA-3B3E40437CF2} => valor removido (a) com sucesso.C:\Users\Usuario\AppData\Local\Temp\AdbeRdr11000_pt_BR.exe => movido com sucesso
C:\Users\Usuario\AppData\Local\Temp\GURB817.exe => movido com sucesso
C:\Users\Usuario\AppData\Local\Temp\SkypeSetup.exe => movido com sucesso========= RemoveProxy: =========
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.
HKU\S-1-5-21-4088202244-695289871-602143169-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => valor removido (a) com sucesso.
HKU\S-1-5-21-4088202244-695289871-602143169-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => valor removido (a) com sucesso.
HKU\S-1-5-21-4088202244-695289871-602143169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => valor removido (a) com sucesso.
HKU\S-1-5-21-4088202244-695289871-602143169-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => valor removido (a) com sucesso.========= Fim de RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.
EmptyTemp: => 499.7 MB de dados temporários Removidos.
O sistema precisou ser reiniciado.
==== Fim de Fixlog 20:38:59 ====
/!\ Boa Noite! Ionara /!\
Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/ZHPCleaner_zps71d274df.jpg&key=dfc2cbaf1226075546950032c506270c0439c57203ca7c527f7221c835e7cf3f" alt="ZHPCleaner_zps71d274df.jpg" /> > ( ... de Nicolas Coolman )
Ou |Aqui!| << Mirror!
Estando na página,clique /applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/7ukwnm8.jpg&key=411680a7552ecf5560e81caa8178fc7cb71e09190a8cbd96b9b9f256cdfd3139" alt="7ukwnm8.jpg" />
Salve-a no desktop! ( ZHPCleaner.exe )
Execute ZHPCleaner.exe <<
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/psizeTv.jpg&key=1c335172bd8813ee2a17270ffc592714466fd22e6a0d02e01289ff5a950048d6" alt="psizeTv.jpg" />
Clique "Eu".
Clique Scanner.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/ljOOETD.jpg&key=17f616a66a0ac1f98d58b7ad72fc71eb684f7e9613c302777e420d4af6d64274" alt="ljOOETD.jpg" />
Aguarde a conclusão!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/9g2LW3p.jpg&key=0e1bebfae36cbb4c260bebf282446e492aa1234bbb6cdf835ba00e03c61990c3" alt="9g2LW3p.jpg" />
Ao concluir,clique Reparar.
Acesse as guias que estão assinaladas em vermelho.
Clique Reparar ou desmarque algum ítem que seja Falso Positivo.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/fN86PG8.jpg&key=0627b2d6ba9a8d38506700f60ee02989c4346b5b8c2a5f812deb142e1dc5d4dd" alt="fN86PG8.jpg" />
Ao concluir,clique Relatório!
Poste o log de reparo: ~ Type : Reparo
A+
Bom dia,
segue log.
~ ZHPCleaner v2016.1.12.7 by Nicolas Coolman (2016/01/12)
~ Run by Usuario (Administrator) (13/01/2016 07:34:59)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Usuario\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Usuario\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.
---\\ Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.
---\\ Arquivo hosts (1)
~ O arquivo hosts é legítimo (1)
---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.
---\\ Explorer ( Arquivos, Pastas) (2)
MOVIDO arquivo: C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports
MOVIDO arquivo: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports
---\\ Registro ( Chaves, Valores, Dados ) (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.
---\\ Resumo dos elementos encontrados na sua estação de trabalho (1)
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.CrashReports
---\\ Dodatkowe oczyszczenie. (129)
~ Chave de registro Tracing Supprimido (129)
~ Remover os relatórios antigos ZHPCleaner. (0)
---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Mozilla Firefox)
~ Este navegador está faltando ! (Opera Software)
---\\ Estatísticas
~ Items scan : 367
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 2
~ End of clean in 00h00mn04s
===================
ZHPCleaner-[R]-13012016-07_35_03.txt
ZHPCleaner--13012016-07_32_32.txt
/!\ Bom Dia! Ionara /!\
Baixe: < PrivaZer >
Salve-o ao desktop!
>
Assista à este vídeo,que lhe dará maiores detalhes quanto ao uso ou configuração.
Baixe-o pelo link que lhe indiquei logo àcima.
Informe os resultados!
Abs!
Boa tarde,
o vídeo é muito ruim, mas rodei o privazer,
limpou dados, liberou espaço, enfim,
só não localizei nenhum log do histórico de atividades,
acho que deve ter funcionado,
att.
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
/!\ Boa Noite! Ionara /!\
< Farbar Recovery Scan Tool 64-Bit >
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/gVW2tHN.jpg&key=8a4d8a4134e07ee10ae8ae0806be72d8705c19e1c848b05588fb8569bedc9cf4" alt="gVW2tHN.jpg" />
/applications/core/interface/imageproxy/imageproxy.php?img=http://i.imgur.com/EUE4tdb.jpg&key=a1493902e025170e24c1db9b5cbad8c87dbfb6dcd8089f17bcd66f77da7e54c1" alt="EUE4tdb.jpg" />
/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acrVh6GY.jpg&key=a98031df11d71116e6fc6fe6586a03c4ab49a7be484751ed5881cb409d37ce42" alt="acrVh6GY.jpg" />
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Copierlelien_zpsd51f499f.jpg&key=660428e74964025a431cba1b51ee2132f7bbee4aaf74172bd3f0a3be25c5b2b1" alt="Copierlelien_zpsd51f499f.jpg" />
A+