I ran a scan with my antivirus in boot mode and it found a Trojan horse, and my fear is that I am still infected
The logs follow
The log follows
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-05-2017
Ran by Pedro Quesado (01-06-2017 13:38:12) Run:1
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro Quesado (Available Profiles: Pedro Quesado & Pedro Alves)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
FF Extension: (Avast SafePrice) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\ixdg9mn0.default\Extensions\sp@avast.com.xpi [2017-05-03]
S3 dbx; system32\DRIVERS\dbx.sys [X]
2016-12-18 11:18 - 2016-12-18 11:18 - 0000000 _____ () C:\Users\Pedro\AppData\Local\{9FF9CF5E-BED5-4069-86F2-28076ED22E66}
2016-12-10 21:38 - 2016-12-10 21:38 - 0000000 _____ () C:\Users\Pedro\AppData\Local\{CD14F4C2-D7D0-4137-870B-C7B16CF75F45}
2017-04-06 18:38 - 2017-04-06 18:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-04 16:17 - 2016-08-04 16:17 - 0000016 _____ () C:\ProgramData\mntemp
C:\Users\Pedro\bulletjme.dll
C:\Users\Pedro\lwjgl64.dll
C:\Users\Pedro\OpenAL64.dll
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
end
*****************
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found.
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\ixdg9mn0.default\Extensions\sp@avast.com.xpi => moved successfully
HKLM\System\CurrentControlSet\Services\dbx => key removed successfully
dbx => service removed successfully
C:\Users\Pedro\AppData\Local\{9FF9CF5E-BED5-4069-86F2-28076ED22E66} => moved successfully
C:\Users\Pedro\AppData\Local\{CD14F4C2-D7D0-4137-870B-C7B16CF75F45} => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\mntemp => moved successfully
C:\Users\Pedro\bulletjme.dll => moved successfully
C:\Users\Pedro\lwjgl64.dll => moved successfully
C:\Users\Pedro\OpenAL64.dll => moved successfully
Restore point was successfully created.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2955925240-1096623219-443652941-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2955925240-1096623219-443652941-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
=========== EmptyTemp: ==========
BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52481216 B
Java, Flash, Steam htmlcache => 138483288 B
Windows/system/drivers => 969458 B
Edge => 11265332 B
Chrome => 0 B
Firefox => 85665774 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 12302 B
NetworkService => 0 B
Pedro => 23724387 B
Pedro Alves => 36580007 B
RecycleBin => 1037 B
EmptyTemp: => 342 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:40:19 ====
/_ Good afternoon! Pedroalves _\
> Download: < ZHPCleaner > ( ... by Nicolas Coolman )
> Or |Here!| << Mirror!
>
https://www.youtube.com/watch?v=8olWT8u5RYQ
> If anything blocks the download, watch this tutorial posted on YouTube to disable Windows SmartScreen.
> Once on the page, click [image]
> Save it to the desktop! ( ZHPCleaner.exe )
> Disable your antivirus and run ZHPCleaner.exe <<
> Click "Eu".
> Click Scanner.
> Wait for it to finish!
> When it finishes, click Reparar (Repair).
> Tabs will appear in red, indicating problems to be repaired.
> Click Reparar (Repair).
> When it finishes, click Relatório (Report)!
> Post the repair log: ~ Type : Reparo
[Regards]
The log follows
~ ZHPCleaner v2017.6.1.87 by Nicolas Coolman (2017/06/01)
~ Run by Pedro Quesado (Administrator) (02/06/2017 12:09:26)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Pedro\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Pedro\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 15063)
---\\ Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.
---\\ Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.
---\\ Arquivo hosts (1)
~ O arquivo hosts é legítimo (35)
---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.
---\\ Explorer ( Arquivos, Pastas) (67)
MOVIDO pasta: C:\Windows\Installer\wix{7D84E343-A23D-451C-B123-0195B2D903A6}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVIDO pasta: C:\Windows\Installer\MSI81DC.tmp [Caphyon LTD - Custom action that installs feature-based p] =>.Superfluous.Elex
MOVIDO pasta: C:\Windows\Installer\MSI97AD.tmp [Copyright (C) 2011 Adobe Systems Incorporated and its - PerfInst Dynamic Link Library] =>.Superfluous.Elex
MOVIDO pasta: C:\Windows\Installer\MSIAE43.tmp [Copyright (C) 2011 Adobe Systems Incorporated and its - IWActs Dynamic Link Library] =>.Superfluous.Elex
MOVIDO pasta: C:\Windows\Installer\MSICB5B.tmp [Copyright (C) 2011 Adobe Systems Incorporated and its - PerfInst Dynamic Link Library] =>.Superfluous.Elex
MOVIDO pasta: C:\Users\Pedro\AppData\Local\Temp\dev87A3.tmp =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Pedro\AppData\Local\Temp\ecache.bin =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Pedro\AppData\Local\Temp\ExchangePerflog_8484fa3122feb217cfcccd43.dat =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Pedro\AppData\Local\Temp\wctD40A.tmp =>.Superfluous.Temporary.Various
MOVIDO pasta: C:\Users\Pedro\AppData\Local\Temp\{1A47C42C-6369-4D75-B698-2D7AA516F795} - OProcSessId.dat =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Pedro\AppData\Local\Temp\{9BDE868E-357C-4DDE-82B3-C10A8016199E} - OProcSessId.dat =>.Superfluous.Temporary.Empty
MOVIDO pasta: C:\Users\Pedro\AppData\Local\Temp\{A8A978A1-6922-45AA-ABFB-B3C3B1F522D4} - OProcSessId.dat =>.Superfluous.Temporary.Empty
MOVIDO arquivo: C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
MOVIDO arquivo: C:\Users\Pedro\AppData\Local\Akamai =>.Superfluous.AkamaiHD
MOVIDO arquivo: C:\WINDOWS\Installer\MSI1016.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI1560.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI1C9C.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI23E9.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI2881.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI2CA3.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI2FD2.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI30B8.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI311B.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI31EC.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI3206.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI349D.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI35B2.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI3B8C.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI41F.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI4293.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI43EC.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI44B8.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI450A.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI4E10.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI5033.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI6178.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI65E5.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI7368.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI73D.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI796A.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8C0B.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8E3F.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8E5.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI8F68.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI90A2.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI91EC.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI91FB.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI9335.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI945F.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI9599.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI9636.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSI9A51.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIA085.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIA23C.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIAE55.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIC4F4.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIC570.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSID030.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSID298.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSID912.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSID91D.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIDAE8.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIDC3.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIE0BF.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIEBA9.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIEDCC.tmp- =>.Superfluous.Empty
MOVIDO arquivo: C:\WINDOWS\Installer\MSIF3B3.tmp- =>.Superfluous.Empty
---\\ Registro ( Chaves, Valores, Dados ) (12)
SUPRIMIDO chave*: HKEY_USERS\S-1-5-21-2955925240-1096623219-443652941-1000\SOFTWARE\Akamai [] =>.Superfluous.AkamaiHD
SUPRIMIDO chave: HKCU\Software\Akamai [] =>.Superfluous.AkamaiHD
SUPRIMIDO chave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc] =>.Superfluous.AkamaiHD
SUPRIMIDO chave*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\soundcloud.com [] =>PUP.Optional.SoundCloud
SUPRIMIDO chave*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\soundcloud.com [] =>PUP.Optional.SoundCloud
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library] =>Adware.OpenCandy
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01C2B9A91E15D745790BEBE82E5351AC [C:\Program Files\Autodesk\3ds Max 2017\UI_ln\Resources\Dark\Icons\Main\Gravity Space Warp - Gravity_Objects Space Warps - 16.png] =>PUP.Optional.GravitySpace
SUPRIMIDO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552} [OCComSDK 1.0 Type Library] =>Adware.OpenCandy
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{48EAAAE9-F628-E8C2-91E9-72B13D43FFC5} [Microsoft Corporations] =>Heuristic.Suspect
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A499443F-F0D4-F8EC-AB29-2016D18A564A} [Microsoft Corporations] =>Heuristic.Suspect
SUPRIMIDO valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface ["C:\Users\Pedro\AppData\Local\Akamai\netsession_win.exe"] =>.Superfluous.AkamaiHD
SUPRIMIDO valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Akamai NetSession Interface [0x03000000A0DA4AF500A0D201] =>.Superfluous.AkamaiHD
---\\ Resumo dos elementos encontrados na sua estação de trabalho (10)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/03/28/superfluous-elex/ =>.Superfluous.Elex
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Empty
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Temporary.Various
https://www.nicolascoolman.com/fr/adware-trymedia/ =>PUP.Optional.Trymedia
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.AkamaiHD
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SoundCloud
https://nicolascoolman.eu/2017/02/24/adware-opencandy/ =>Adware.OpenCandy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.GravitySpace
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
---\\ Dodatkowe oczyszczenie. (30)
~ Chave de registro Tracing Supprimido (30)
~ Remover os relatórios antigos ZHPCleaner. (0)
---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Google Chrome)
~ Este navegador está faltando ! (Opera Software)
---\\ Estatísticas
~ Items scan : 2058
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 79
~ End of clean in 00h00mn27s
~====================
ZHPCleaner-[R]-02062017-12_09_53.txt
ZHPCleaner--02062017-12_09_03.txt
/_ Good evening! Pedroalves _\
> Download: < SFTGC > ( ... by Pierre13 )
< Or Here > << Link!
> Unzip it and save it to the desktop!
> Disable your antivirus!
> If you have trouble downloading, use the Internet Explorer browser.
> On Windows 10, 8.1 and 7, run "SFTGC.exe" as administrator!
> Run it and click "Go".
> Wait for it to finish, which is quick.
> Post the report! ( SFT.txt )
> PS: Depending on the size of the report, do not post it directly!
> For this task, go to: < Cjoint >
[Regards]
The link to the log follows
/_ Good evening! Pedroalves _\
Does your antivirus still detect anything?
Everything OK?
[Regards]
I'll run the scan and see whether it detects anything
By the way, is it normal to have more than one Console Window Host when Windows is running Microsoft Compatibility Telemetry?
By the way, in the logs there were more infections
/_ Good morning! Pedroalves _\
OK! If your antivirus reports any malicious detections, post them here so we can proceed using AdwCleaner and the ESET engine in its diagnostic mode.
It should be clarified that, depending on the heuristics of some antivirus engines, false positives may be detected. For those, we make use of the exception rules in their settings.
[Regards]
Here is the result of the log
03/06/2017 09:45
Verificação de C:
Verificação de *STARTUP
Ficheiro C:\Program Files\Epic Games\UE_4.15\Engine\Plugins\Experimental\AlembicImporter\Source\ThirdParty\Alembic\zlib-1.2.5\build\zlib-1.2.5.tar.gz|>zlib-1.2.5.tar|>zlib-1.2.5\contrib\dotzlib\DotZLib.chm|>DotZLib.Codec.html Erro 42136 {O ficheiro CHM está corrupto.}
Ficheiro C:\Program Files\Epic Games\UE_4.15\Engine\Plugins\Experimental\AlembicImporter\Source\ThirdParty\Alembic\zlib-1.2.5\Src\contrib\dotzlib\DotZLib.chm|>DotZLib.Codec.html Erro 42136 {O ficheiro CHM está corrupto.}
Ficheiro C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\ActiveCheck\product_line\AddData.cab|>HPSAObjUtil8.exe Erro 42127 {O ficheiro CAB está corrupto.}
Número de pastas processadas: 147541
Número de ficheiros testados: 4012376
Número de ficheiros infetados: 0
My Avast did not detect anything
/_ Good morning! Pedroalves _\
These files that show corruption may be the result of badly executed installations of some software. Nothing that compromises the system, since they affect non-Microsoft files.
PS: They can be replaced or deleted manually, but I have my doubts that this will bring you any visible benefit.
Therefore, your machine is free of malware.
[Regards]
Thank you for the help
PROBLEM SOLVED
If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.
/_ Good evening! Pedroalves _\
> Copy the information in the spoiler into Notepad.
> Save it with the name fixlist. << Text!
> Save it to the desktop! ( "Área de trabalho" ... )
start
CloseProcesses:
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
FF Extension: (Avast SafePrice) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\ixdg9mn0.default\Extensions\sp@avast.com.xpi [2017-05-03]
S3 dbx; system32\DRIVERS\dbx.sys [X]
2016-12-18 11:18 - 2016-12-18 11:18 - 0000000 _____ () C:\Users\Pedro\AppData\Local\{9FF9CF5E-BED5-4069-86F2-28076ED22E66}
2016-12-10 21:38 - 2016-12-10 21:38 - 0000000 _____ () C:\Users\Pedro\AppData\Local\{CD14F4C2-D7D0-4137-870B-C7B16CF75F45}
2017-04-06 18:38 - 2017-04-06 18:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-04 16:17 - 2016-08-04 16:17 - 0000016 _____ () C:\ProgramData\mntemp
C:\Users\Pedro\bulletjme.dll
C:\Users\Pedro\lwjgl64.dll
C:\Users\Pedro\OpenAL64.dll
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
end
> Run FRST/FRST64 >> Click "Corrigir" (Fix) << Wait!
> Post the report "Resultado da Correção pela Farbar Recovery Scan Tool" ("Fix result of Farbar Recovery Scan Tool"). (Fixlog.txt)
> This and other reports can be found in the folder: Local Disk (C) > FRST > Logs
< I ask visitors not to use this script on other computers, at the risk of damaging them! >
[Regards]