by joram
#204664
Hello, g3n-h@ckm@n!

I am a helper and I had problems running the AdsFix tool on a user's computer. It generated a complete report, but it caused a BSOD, and the user cannot reach the start screen and has no access to Windows. From the report I am sending you, can you identify the problem and the corrections to make to the tool you developed? The problem occurred on Windows 8.1.
The report is below.
Forgive me if this is not the right section to post in!

....and the formatting!

To reassure everyone, the user noticed the error and managed to restore the computer.
I was curious to try to figure out which deleted or disinfected file caused the symptom.
We should also consider that this symptom may have been caused or induced by the user through improper use of the tool.
-----
-----
I think I posted in the wrong section. Please move this topic to the correct section.
Code:
¤¤¤¤¤¤¤¤¤¤ | AdsFix | g3n-h@ckm@n | 16.09.2014.7

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 10:59:14 - 17/09/2014

Atualizado : 16/09/2014 | 23.40 Por g3n-h@ckm@n™
Contact : https://www.sosvirus.net
Assistance : https://www.sosvirus.net/forum-virus-securite.html
Feedbacks : https://www.sosvirus.net/feedbacks-t75915.html
Boot: Normal boot
[Eduardo! (Administrator)] - [EDUARDO] - (Brasil [0416])
SID = S-1-5-21-1807048544-1797508965-3556924721-1001 || [4564756172646f21205e5e]
PC : Dell Inc. - 0NW73C - To be filled by O.E.M.
Bios : Dell Inc. - 10/19/2012
Sistema : Windows 8.1 Pro (64 bits) Professional
Memória RAM = Total (MB) : 8349 | Livre (MB) : 6531
Pagefile = Total (MB) : 9659 | Livre (MB) : 7787
Virtual = Total (MB) : 4194 | Livre (MB) : 3995

Registro protegido, restabelecer : : C:\AdsFix\Save\Registry [17.09.2014 @ 10_59_13] (Clique em Opções & Restabeleça o registro)
A Restauração de arquivos apagou por engano : Clique em Opções & Restabeleça Arquivos, Selecione um item >> "restaurar"

¤¤¤¤¤¤¤¤¤¤ | Windows atualizado

Nenhuma atualização descoberta !!!

¤¤¤¤¤¤¤¤¤¤ | Navegadores

IE : 11.0.9600.17278 (© Microsoft Corporation. Todos os direitos reservados.)
GC : 37.0.2062.120 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security (atcav : 0)

AV : Windows Defender Disabled
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = Ordem
AS: Windows Defender [Manual(3)] = Ordem
FW: Windows FireWall Service [Auto(2)] = Ordem

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

ActiveX : 15.0.0.152

¤¤¤¤¤¤¤¤¤¤ | Processos mortos

920 | [Owner : SISTEMA |Parent : 688] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 326.60.) - (8.17.13.2660) = C:\Windows\System32\nvvsvc.exe
960 | [Owner : SISTEMA |Parent : 688] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.2660) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
980 | [Owner : SISTEMA |Parent : 920] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.2660) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
988 | [Owner : SISTEMA |Parent : 920] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 326.60.) - (8.17.13.2660) = C:\Windows\System32\nvvsvc.exe
1460 | [Owner : SISTEMA |Parent : 688] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.3.9600.17238) = C:\Windows\System32\spoolsv.exe
1668 | [Owner : SISTEMA |Parent : 688] - (.Atheros Commnucations - AdminService Application.) - (7.0.2.7) = C:\Windows\System32\AdminService.exe
1712 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17031) = C:\Windows\System32\dasHost.exe
2540 | [Owner : SERVIÇO LOCAL |Parent : 688] - (.Microsoft Corporation - Serviço Gateway de Camada de Aplicativo.) - (6.3.9600.16384) = C:\Windows\System32\alg.exe
2648 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.3.9600.17195) = C:\Windows\System32\WUDFHost.exe
3064 | [Owner : Eduardo! |Parent : 404] - (.Microsoft Corporation - Processo de Host para Tarefas do Windows.) - (6.3.9600.17031) = C:\Windows\System32\taskhostex.exe
3748 | [Owner : Eduardo! |Parent : 980] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.2660) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
3916 | [Owner : Eduardo! |Parent : 764] - (.Microsoft Corporation - OneDrive Sync Engine.) - (6.3.9600.17230) = C:\Windows\System32\SkyDrive.exe
3696 | [Owner : Eduardo! |Parent : 3048] - (.Spotify Ltd - SpotifyWebHelper.) - (0.9.11.27) = C:\Users\Eduardo!\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
2764 | [Owner : Eduardo! |Parent : 2536] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
348 | [Owner : Eduardo! |Parent : 764] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (6.3.9600.17031) = C:\Windows\System32\SettingSyncHost.exe
1196 | [Owner : UpdatusUser |Parent : 688] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - (1.14.17.0) = C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
2912 | [Owner : SERVIÇO DE REDE |Parent : 688] - (.Microsoft Corporation - Serviço de Compartilhamento de Rede do Windows Media Player.) - (12.0.9600.17031) = C:\Program Files\Windows Media Player\wmpnetwk.exe
4132 | [Owner : Eduardo! |Parent : 648] - (.Microsoft Corporation - Windows Explorer.) - (6.3.9600.17284) = C:\Windows\explorer.exe
4444 | [Owner : SISTEMA |Parent : 688] - (.SurfRight B.V. - HitmanPro Scheduler.) - (3.7.0.5) = C:\Program Files\HitmanPro\hmpsched.exe
5096 | [Owner : SISTEMA |Parent : 688] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.9600.17031) = C:\Windows\System32\SearchIndexer.exe
2320 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.3.9600.17195) = C:\Windows\System32\WUDFHost.exe
1080 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17031) = C:\Windows\System32\dasHost.exe

¤¤¤¤¤¤¤¤¤¤ | Tasks



¤¤¤¤¤¤¤¤¤¤ | Serviços


¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs


¤¤¤¤¤¤¤¤¤¤ | Hosts


¤¤¤¤¤¤¤¤¤¤ | SafeBoot

Consertado : [HKLM | Minimal\vga.sys] : -> Driver
Consertado : [HKLM | Minimal\vgasave.sys] : -> Driver

¤

Consertado : [HKLM | Network\vga.sys] : -> Driver
Consertado : [HKLM | Network\vgasave.sys] : -> Driver

¤¤¤¤¤¤¤¤¤¤ | Registro

Apagado prosperamente : HKLM64\SOFTWARE\Classes\RocketEngine.FXEngine
Apagado prosperamente : HKLM\SOFTWARE\Classes\RocketEngine.FXEngine.1.2.7
¤¤¤¤¤¤¤¤¤¤ | AdsFix | g3n-h@ckm@n | 16.09.2014.7

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 15:00:47 - 17/09/2014

Atualizado : 16/09/2014 | 23.40 Por g3n-h@ckm@n™
Contact : https://www.sosvirus.net
Assistance : https://www.sosvirus.net/forum-virus-securite.html
Feedbacks : https://www.sosvirus.net/feedbacks-t75915.html
Boot: Normal boot
[Eduardo! (Administrator)] - [EDUARDO] - (f [0416])
SID = S-1-5-21-1807048544-1797508965-3556924721-1001 || [4564756172646f21205e5e]
PC : Dell Inc. - 0NW73C - To be filled by O.E.M.
Bios : Dell Inc. - 10/19/2012
Sistema : Windows 8.1 Pro (64 bits) Professional
Memória RAM = Total (MB) : 8349 | Livre (MB) : 6543
Pagefile = Total (MB) : 9659 | Livre (MB) : 7900
Virtual = Total (MB) : 4194 | Livre (MB) : 3987

Registro protegido, restabelecer : : C:\AdsFix\Save\Registry [17.09.2014 @ 15_00_46] (Clique em Opções & Restabeleça o registro)
A Restauração de arquivos apagou por engano : Clique em Opções & Restabeleça Arquivos, Selecione um item >> "restaurar"

¤¤¤¤¤¤¤¤¤¤ | Windows atualizado

Nenhuma atualização descoberta !!!

¤¤¤¤¤¤¤¤¤¤ | Navegadores

IE : 11.0.9600.17278 (© Microsoft Corporation. Todos os direitos reservados.)
GC : 37.0.2062.120 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security (atcav : 0)

AV : Windows Defender Disabled
AS : Windows Defender Disabled
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = Ordem
AS: Windows Defender [Manual(3)] = Ordem
FW: Windows FireWall Service [Auto(2)] = Ordem

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

ActiveX : 15.0.0.152

¤¤¤¤¤¤¤¤¤¤ | Processos mortos

3180 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.3.9600.17195) = C:\Windows\System32\WUDFHost.exe
3892 | [Owner : SISTEMA |Parent : 688] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.9600.17031) = C:\Windows\System32\SearchIndexer.exe
104 | [Owner : SISTEMA |Parent : 688] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.3.9600.17238) = C:\Windows\System32\spoolsv.exe
4436 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17031) = C:\Windows\System32\dasHost.exe
5012 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17031) = C:\Windows\System32\dasHost.exe
2008 | [Owner : SERVIÇO DE REDE |Parent : 688] - (.Microsoft Corporation - Serviço de Compartilhamento de Rede do Windows Media Player.) - (12.0.9600.17031) = C:\Program Files\Windows Media Player\wmpnetwk.exe
3528 | [Owner : SERVIÇO LOCAL |Parent : 688] - (.Microsoft Corporation - Serviço Gateway de Camada de Aplicativo.) - (6.3.9600.16384) = C:\Windows\System32\alg.exe
2452 | [Owner : Eduardo! |Parent : 4164] - (.Microsoft Corporation - Windows Explorer.) - (6.3.9600.17284) = C:\Windows\explorer.exe
476 | [Owner : Eduardo! |Parent : 764] - (.Microsoft Corporation - OneDrive Sync Engine.) - (6.3.9600.17230) = C:\Windows\System32\SkyDrive.exe
1412 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Windows Driver Foundation - Processo de Host da Estrutura de Driver de Modo de Usuário.) - (6.3.9600.17195) = C:\Windows\System32\WUDFHost.exe
5080 | [Owner : SERVIÇO LOCAL |Parent : 492] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17031) = C:\Windows\System32\dasHost.exe

¤¤¤¤¤¤¤¤¤¤ | Tasks



¤¤¤¤¤¤¤¤¤¤ | Serviços


¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs


¤¤¤¤¤¤¤¤¤¤ | Hosts


¤¤¤¤¤¤¤¤¤¤ | SafeBoot


¤


¤¤¤¤¤¤¤¤¤¤ | Registro

Apagado prosperamente : HKLM64\SOFTWARE\EnigmaSoftwareGroup
Apagado prosperamente : HKLM\SOFTWARE\EnigmaSoftwareGroup
Apagado prosperamente : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} : BabylonToolbar.dll (String)
Apagado prosperamente : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll;alot.dll (String)
Apagado prosperamente : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} : BabylonToolbar.dll (String)
Apagado prosperamente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} (CLSID)
Apagado prosperamente : [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\Enigma Software Group\SpyHunter\]
Apagado prosperamente : [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files\Enigma Software Group\SpyHunter\Defs\]
Apagado prosperamente : [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]~[C:\Program Files (x86)\Enigma Software Group\]

¤¤¤¤¤¤¤¤¤¤ | Heuristics


¤¤¤¤¤¤¤¤¤¤ | reparsepoint


¤¤¤¤¤¤¤¤¤¤ | Arquivos

Apagado prosperamente : C:\ProgramData\Internet Plug-Ins (.-.)
Apagado prosperamente : C:\ProgramData\PKP_DLdw.DAT (.-.)
Apagado prosperamente : C:\Users\Eduardo!\AppData\Local\QtCore4.dll (Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies)..-.Qt4) QtCore4.dll
Apagado prosperamente : C:\Users\Eduardo!\AppData\Local\QtGui4.dll (Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies)..-.Qt4) QtGui4.dll
Apagado prosperamente : C:\Users\Eduardo!\AppData\Local\QtNetwork4.dll (Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies)..-.Qt4) QtNetwork4.dll
Apagado prosperamente : C:\Users\Eduardo!\AppData\Local\QtWebKit4.dll (Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies)..-.Qt4) QtWebKit4.dll
Apagado prosperamente : C:\Users\Eduardo!\AppData\Roaming\LaserPrinter (.-.)

¤¤¤¤¤¤¤¤¤¤ | .LNK


¤¤¤¤¤¤¤¤¤¤ | Extensão desconhecida abrindo


¤¤¤¤¤¤¤¤¤¤ | Proxy


¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Bar] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Default_Page_URL] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\Windows\System32\blank.htm -> C:\WINDOWS\SysWOW64\blank.htm
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchURL]~[Default] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main]~[CustomizeSearch] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchAssistant] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Bar] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Page] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Default_Page_URL] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[Local Page] : -> C:\WINDOWS\SysWOW64\blank.htm
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Page] : -> https://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Search_URL] : -> https://go.microsoft.com/fwlink/?LinkId=54896
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Page_URL] : -> https://go.microsoft.com/fwlink/?LinkId=69157
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Search]~[CustomizeSearch] : -> https://www.google.com/
Consertado : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]~[Tabs] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Default_Page_URL] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURL]~[Default] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[CustomizeSearch] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchAssistant] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Bar] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Page] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Default_Page_URL] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Local Page] : -> C:\WINDOWS\SysWOW64\blank.htm
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Page] : -> https://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Search_URL] : -> https://go.microsoft.com/fwlink/?LinkId=54896
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Page_URL] : -> https://go.microsoft.com/fwlink/?LinkId=69157
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[CustomizeSearch] : -> https://www.google.com/
Consertado : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]~[Tabs] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Default_Page_URL] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Local Page] : C:\WINDOWS\system32\blank.htm -> C:\WINDOWS\SysWOW64\blank.htm
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[Default_Search_URL] : -> https://go.microsoft.com/fwlink/?LinkId=54896
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\SearchURL]~[Default] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Main]~[CustomizeSearch] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchAssistant] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Bar] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Page] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Default_Page_URL] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[Local Page] : -> C:\WINDOWS\SysWOW64\blank.htm
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Page] : -> https://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Search_URL] : -> https://go.microsoft.com/fwlink/?LinkId=54896
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Page_URL] : -> https://go.microsoft.com/fwlink/?LinkId=69157
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\Search]~[CustomizeSearch] : -> https://www.google.com/
Consertado : [HKU\S-1-5-21-1807048544-1797508965-3556924721-1001\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]~[Tabs] : -> https://www.google.com/

¤¤¤¤¤¤¤¤¤¤ | Google Chrome

Apagado prosperamente : C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.) Reponha para zerar prosperamente : SearchURL

C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [https://docs.google.com/https://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - https://www.youtube.com - https://www.youtube.com/?feature=ytca - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - https://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - https://clients2.google.com/service/update2/crx
C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\extensions\lneaknkopdijkpnocmklfnjbeapigfbh = : Google & co - https://maps.google.com/ - https://maps.google.com/ - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Eduardo!\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - https://clients2.google.com/service/update2/crx

¤¤¤¤¤¤¤¤¤¤ | Chromium



¤¤¤¤¤¤¤¤¤¤ | Comodo Dragon



¤¤¤¤¤¤¤¤¤¤ | Firefox



¤¤¤¤¤¤¤¤¤¤ | SeaMonkey



¤¤¤¤¤¤¤¤¤¤ | Pale moon



¤¤¤¤¤¤¤¤¤¤ | Opera



¤¤¤¤¤¤¤¤¤¤ | Spark



¤¤¤¤¤¤¤¤¤¤ | StartMenuInternet


¤¤¤¤¤¤¤¤¤¤ | Javascript


¤¤¤¤¤¤¤¤¤¤ | Firewall


¤¤¤¤¤¤¤¤¤¤ | ADS

¤¤¤¤¤¤¤¤¤¤ | Arquivos temporários

[All Users] Arquivos temporários Apagado : 0 Ko
[Default] Arquivos temporários Apagado : 0 Ko
[Default User] Arquivos temporários Apagado : 0 Ko
[Default.migrated] Arquivos temporários Apagado : 0 Ko
[Eduardo!] Arquivos temporários Apagado : 0 Ko
[Public] Arquivos temporários Apagado : 0 Ko
[Todos os Usuários] Arquivos temporários Apagado : 0 Ko
[UpdatusUser] Arquivos temporários Apagado : 0 Ko
[Usuário Padrão] Arquivos temporários Apagado : 0 Ko
[C:\WINDOWS\Temp] Arquivos temporários Apagado : 7 Ko
[C:\Temp] Arquivos temporários Apagado : 0 Ko


Outros relatórios


¤¤¤¤¤¤¤¤¤¤ | Listing


¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)

[22/08/2013 10:36:15] - |D| - C:\Program Files (x86)\Common Files
[17/02/2014 20:19:25] - |D| - C:\Program Files (x86)\DAEMON Tools Lite
[22/08/2013 12:36:33] - |ASH| - C:\Program Files (x86)\desktop.ini
[16/09/2014 15:49:30] - |D| - C:\Program Files (x86)\ESET
[13/01/2014 16:00:48] - |D| - C:\Program Files (x86)\Google
[16/09/2014 22:05:29] - |A| - C:\Program Files (x86)\HitmanPro_x64.exe
[12/02/2014 18:22:48] - |D| - C:\Program Files (x86)\HP
[12/02/2014 18:23:00] - |D| - C:\Program Files (x86)\HP Photo Creations
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Internet Explorer
[04/02/2014 06:13:29] - |D| - C:\Program Files (x86)\Java
[12/02/2014 18:23:02] - |D| - C:\Program Files (x86)\Microsoft
[17/02/2014 20:23:04] - |D| - C:\Program Files (x86)\Microsoft Analysis Services
[17/02/2014 20:22:59] - |D| - C:\Program Files (x86)\Microsoft Office
[17/02/2014 20:24:21] - |D| - C:\Program Files (x86)\Microsoft SQL Server
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Microsoft.NET
[17/02/2014 20:23:59] - |D| - C:\Program Files (x86)\Mozilla Firefox
[05/03/2014 19:01:19] - |D| - C:\Program Files (x86)\MPC-HC
[15/09/2014 19:30:57] - |D| - C:\Program Files (x86)\MSBuild
[25/06/2014 16:13:38] - |D| - C:\Program Files (x86)\MSXML 4.0
[07/05/2014 18:47:13] - |D| - C:\Program Files (x86)\Nikon
[27/06/2014 02:29:43] - |D| - C:\Program Files (x86)\NVIDIA Corporation
[15/09/2014 19:30:57] - |D| - C:\Program Files (x86)\Reference Assemblies
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Windows Defender
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Windows Mail
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Windows Media Player
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Windows Multimedia Platform
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Windows NT
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Windows Photo Viewer
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Windows Portable Devices
[22/08/2013 12:36:30] - |SHD| - C:\Program Files (x86)\Windows Sidebar
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\WindowsPowerShell
[13/03/2014 16:11:06] - |D| - C:\Program Files (x86)\WinRAR

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files

[17/09/2014 10:24:42] - |D| - C:\Program Files\Adware-Removal-Tool
[13/01/2014 05:44:53] - |SHD| - C:\Program Files\Arquivos Comuns
[22/08/2013 10:36:15] - |D| - C:\Program Files\Common Files
[22/08/2013 12:36:45] - |ASH| - C:\Program Files\desktop.ini
[16/09/2014 22:20:03] - |D| - C:\Program Files\HitmanPro
[12/02/2014 18:22:47] - |D| - C:\Program Files\HP
[22/08/2013 12:36:31] - |D| - C:\Program Files\Internet Explorer
[17/02/2014 20:23:04] - |D| - C:\Program Files\Microsoft Analysis Services
[17/02/2014 20:22:57] - |D| - C:\Program Files\Microsoft Office
[17/02/2014 20:23:51] - |D| - C:\Program Files\Microsoft SQL Server
[17/02/2014 20:24:21] - |D| - C:\Program Files\Microsoft.NET
[15/09/2014 19:30:53] - |D| - C:\Program Files\MSBuild
[27/06/2014 02:29:43] - |D| - C:\Program Files\NVIDIA Corporation
[15/09/2014 19:30:53] - |D| - C:\Program Files\Reference Assemblies
[26/07/2012 04:22:18] - |HD| - C:\Program Files\Uninstall Information
[22/08/2013 12:36:31] - |D| - C:\Program Files\Windows Defender
[18/03/2014 06:47:04] - |D| - C:\Program Files\Windows Journal
[22/08/2013 12:36:31] - |D| - C:\Program Files\Windows Mail
[22/08/2013 12:36:31] - |D| - C:\Program Files\Windows Media Player
[22/08/2013 12:36:31] - |D| - C:\Program Files\Windows Multimedia Platform
[22/08/2013 12:36:31] - |D| - C:\Program Files\Windows NT
[22/08/2013 12:36:31] - |D| - C:\Program Files\Windows Photo Viewer
[22/08/2013 12:36:31] - |D| - C:\Program Files\Windows Portable Devices
[22/08/2013 12:36:31] - |SHD| - C:\Program Files\Windows Sidebar
[22/08/2013 12:36:31] - |HD| - C:\Program Files\WindowsApps
[22/08/2013 12:36:31] - |D| - C:\Program Files\WindowsPowerShell

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files

[07/05/2014 18:45:23] - |D| - C:\Program Files (x86)\Common Files\InstallShield
[04/02/2014 06:13:40] - |D| - C:\Program Files (x86)\Common Files\Java
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Common Files\Microsoft Shared
[07/05/2014 18:47:14] - |D| - C:\Program Files (x86)\Common Files\Nikon
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Common Files\Services
[22/08/2013 12:36:30] - |D| - C:\Program Files (x86)\Common Files\System
[23/05/2014 08:38:25] - |D| - C:\Program Files (x86)\Common Files\Wise Installation Wizard

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common Files

[28/06/2014 00:32:09] - |D| - C:\Program Files\Common Files\Atheros
[17/02/2014 20:24:32] - |D| - C:\Program Files\Common Files\DESIGNER
[17/09/2014 10:24:42] - |D| - C:\Program Files\Common Files\Microsoft
[22/08/2013 12:36:31] - |D| - C:\Program Files\Common Files\microsoft shared
[22/08/2013 12:36:31] - |D| - C:\Program Files\Common Files\Services
[13/01/2014 05:44:53] - |SHD| - C:\Program Files\Common Files\Sistema
[22/08/2013 12:36:31] - |D| - C:\Program Files\Common Files\System

¤¤¤¤¤¤¤¤¤¤ | C:\Users\Eduardo!\AppData\Roaming

[13/01/2014 06:12:03] - |D| - C:\Users\Eduardo!\AppData\Roaming\Adobe
[26/01/2014 19:51:47] - |D| - C:\Users\Eduardo!\AppData\Roaming\Baidu Security
[17/02/2014 20:19:28] - |D| - C:\Users\Eduardo!\AppData\Roaming\DAEMON Tools Lite
[16/09/2014 11:36:48] - |D| - C:\Users\Eduardo!\AppData\Roaming\ESET
[12/02/2014 18:22:57] - |D| - C:\Users\Eduardo!\AppData\Roaming\HpUpdate
[27/06/2014 09:08:43] - |D| - C:\Users\Eduardo!\AppData\Roaming\Identities
[13/01/2014 09:16:29] - |D| - C:\Users\Eduardo!\AppData\Roaming\Macromedia
[27/06/2014 02:35:19] - |SD| - C:\Users\Eduardo!\AppData\Roaming\Microsoft
[05/03/2014 19:02:27] - |D| - C:\Users\Eduardo!\AppData\Roaming\MPC-HC
[25/06/2014 16:17:13] - |D| - C:\Users\Eduardo!\AppData\Roaming\Nero
[07/05/2014 18:47:30] - |D| - C:\Users\Eduardo!\AppData\Roaming\Nikon
[12/07/2014 18:01:04] - |D| - C:\Users\Eduardo!\AppData\Roaming\Spotify
[16/03/2014 19:19:52] - |D| - C:\Users\Eduardo!\AppData\Roaming\WinRAR

¤¤¤¤¤¤¤¤¤¤ | C:\Users\Eduardo!\AppData\Local

[17/09/2014 10:31:49] - |D| - C:\Users\Eduardo!\AppData\Local\Apps
[21/05/2014 17:38:20] - |D| - C:\Users\Eduardo!\AppData\Local\Axialis
[18/04/2014 14:23:00] - |D| - C:\Users\Eduardo!\AppData\Local\cache
[27/06/2014 02:35:19] - |SHD| - C:\Users\Eduardo!\AppData\Local\Dados de Aplicativos
[17/09/2014 10:31:49] - |D| - C:\Users\Eduardo!\AppData\Local\Deployment
[16/04/2014 19:45:09] - |D| - C:\Users\Eduardo!\AppData\Local\ElevatedDiagnostics
[14/07/2014 18:19:47] - |SHD| - C:\Users\Eduardo!\AppData\Local\EmieSiteList
[14/07/2014 18:19:47] - |SHD| - C:\Users\Eduardo!\AppData\Local\EmieUserList
[16/09/2014 11:36:48] - |D| - C:\Users\Eduardo!\AppData\Local\ESET
[04/02/2014 06:20:42] - |D| - C:\Users\Eduardo!\AppData\Local\GAS Tecnologia
[13/01/2014 16:00:44] - |D| - C:\Users\Eduardo!\AppData\Local\Google
[27/06/2014 02:35:19] - |SHD| - C:\Users\Eduardo!\AppData\Local\Histórico
[12/02/2014 18:22:01] - |D| - C:\Users\Eduardo!\AppData\Local\HP
[13/01/2014 06:56:11] - |AH| - C:\Users\Eduardo!\AppData\Local\IconCache.db
[12/07/2014 17:37:19] - |A| - C:\Users\Eduardo!\AppData\Local\libeay32.dll
[12/07/2014 17:37:20] - |A| - C:\Users\Eduardo!\AppData\Local\log.txt
[27/06/2014 02:35:19] - |D| - C:\Users\Eduardo!\AppData\Local\Microsoft
[17/02/2014 20:22:59] - |D| - C:\Users\Eduardo!\AppData\Local\Microsoft Help
[12/07/2014 17:37:19] - |A| - C:\Users\Eduardo!\AppData\Local\msvcp100.dll
[12/07/2014 17:37:19] - |A| - C:\Users\Eduardo!\AppData\Local\msvcr100.dll
[13/01/2014 06:11:28] - |D| - C:\Users\Eduardo!\AppData\Local\Packages
[04/02/2014 06:20:42] - |D| - C:\Users\Eduardo!\AppData\Local\Programs
[12/07/2014 18:21:45] - |D| - C:\Users\Eduardo!\AppData\Local\Spotify
[12/07/2014 17:37:19] - |A| - C:\Users\Eduardo!\AppData\Local\ssleay32.dll
[27/06/2014 02:35:19] - |SHD| - C:\Users\Eduardo!\AppData\Local\Temporary Internet Files
[12/07/2014 17:37:20] - |A| - C:\Users\Eduardo!\AppData\Local\viewer.txt
[13/01/2014 06:11:31] - |D| - C:\Users\Eduardo!\AppData\Local\VirtualStore

¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData

[12/02/2014 18:22:09] - |A| - C:\ProgramData\Ament.ini
[22/08/2013 11:45:52] - |SHD| - C:\ProgramData\Application Data
[26/01/2014 19:56:32] - |D| - C:\ProgramData\Baidu Security
[26/01/2014 20:00:18] - |D| - C:\ProgramData\Connectify
[13/01/2014 05:44:53] - |SHD| - C:\ProgramData\Dados de Aplicativos
[17/02/2014 20:18:49] - |D| - C:\ProgramData\DAEMON Tools Lite
[22/08/2013 11:45:52] - |SHD| - C:\ProgramData\Desktop
[13/01/2014 05:44:53] - |SHD| - C:\ProgramData\Documentos
[22/08/2013 11:45:52] - |SHD| - C:\ProgramData\Documents
[07/05/2014 18:45:27] - |D| - C:\ProgramData\EnterNHelp
[04/02/2014 06:20:42] - |D| - C:\ProgramData\GAS Tecnologia
[04/02/2014 06:21:00] - |D| - C:\ProgramData\GbPlugin
[16/09/2014 22:19:26] - |D| - C:\ProgramData\HitmanPro
[12/02/2014 18:22:48] - |D| - C:\ProgramData\HP
[12/02/2014 18:23:00] - |D| - C:\ProgramData\HP Photo Creations
[26/01/2014 19:56:28] - |D| - C:\ProgramData\Log
[15/09/2014 17:06:23] - |D| - C:\ProgramData\Malwarebytes
[13/01/2014 05:44:53] - |SHD| - C:\ProgramData\Menu Iniciar
[22/08/2013 10:36:15] - |SD| - C:\ProgramData\Microsoft
[17/02/2014 20:22:55] - |D| - C:\ProgramData\Microsoft Help
[13/01/2014 05:44:53] - |SHD| - C:\ProgramData\Modelos
[25/06/2014 16:14:15] - |D| - C:\ProgramData\Nero
[14/07/2014 18:10:40] - |A| - C:\ProgramData\ntuser.dat
[14/07/2014 18:10:40] - |ASH| - C:\ProgramData\ntuser.dat.LOG1
[14/07/2014 18:10:40] - |ASH| - C:\ProgramData\ntuser.dat.LOG2
[14/07/2014 18:10:40] - |ASH| - C:\ProgramData\ntuser.dat{c7ebc17b-0afb-11e4-bea6-5cf9ddece5bb}.TM.blf
[14/07/2014 18:10:40] - |ASH| - C:\ProgramData\ntuser.dat{c7ebc17b-0afb-11e4-bea6-5cf9ddece5bb}.TMContainer00000000000000000001.regtrans-ms
[14/07/2014 18:10:40] - |ASH| - C:\ProgramData\ntuser.dat{c7ebc17b-0afb-11e4-bea6-5cf9ddece5bb}.TMContainer00000000000000000002.regtrans-ms
[27/06/2014 02:30:11] - |D| - C:\ProgramData\NVIDIA
[27/06/2014 02:29:48] - |D| - C:\ProgramData\NVIDIA Corporation
[04/02/2014 06:13:55] - |D| - C:\ProgramData\Oracle
[13/01/2014 06:11:28] - |D| - C:\ProgramData\PRICache
[22/08/2013 12:36:30] - |D| - C:\ProgramData\regid.1991-06.com.microsoft
[22/08/2013 11:45:52] - |SHD| - C:\ProgramData\Start Menu
[04/02/2014 06:13:40] - |D| - C:\ProgramData\Sun
[04/02/2014 06:20:19] - |D| - C:\ProgramData\Temp
[22/08/2013 11:45:52] - |SHD| - C:\ProgramData\Templates
[07/05/2014 18:45:27] - |D| - C:\ProgramData\Ultima_T15
[12/02/2014 18:23:00] - |D| - C:\ProgramData\Visan

¤¤¤¤¤¤¤¤¤¤ | C:\WINDOWS\Tasks

[17/09/2014 10:32:20] - |A| - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[17/09/2014 10:32:20] - |A| - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[22/08/2013 11:45:54] - |AH| - C:\WINDOWS\Tasks\SA.DAT

¤¤¤¤¤¤¤¤¤¤ | C:\WINDOWS\System32\Tasks

[22/08/2013 12:36:31] - |D| - C:\WINDOWS\System32\Tasks\Microsoft

Analisados : 134413 | Modificados : 0 | Infetado : 24

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 15:23:37 | [32 Ko]
by g3n-h@ckm@n
#205232
Hi, I think it is "Hitman Pro" that did not tolerate being stopped so suddenly.

It can also happen if SpyHunter modified the MBR.

This is the first time I have seen a BSOD with AdsFix. I do not think the problem comes from it; in any case, the report does not show that.

Thank you

¤¤¤¤¤¤¤¤¤¤ | Processos mortos

4444 | [Owner : SISTEMA |Parent : 688] - (.SurfRight B.V. - HitmanPro Scheduler.) - (3.7.0.5) = C:\Program Files\HitmanPro\hmpsched.exe
by ladlasheikh
#216998
can you identify the problem and the corrections to make to the tool you developed?

Last edited by ladlasheikh on Sat 18 Apr 2015 13:17, edited 1 time.
by g3n-h@ckm@n
#216999
Hello, your question doesn't mean anything.