[Arquivado] Não consigo ativar nenhum antivirus!

[Ionara 2]

Segue log hijackthis......

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:59:34, on 27/08/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1409045324&from=bxk1&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUFT4816148161&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1409045324&from=bxk1&uid=WDCXWD5000AAKX-001CA0_WD-WCAYUFT4816148161&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O12 - Plugin for .spop: C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10595 bytes

[DigRam 144]

Boa Noite! Ionara

 

|- Baixe: < Security Check > ( ... by screen317 )

|- < Link - 2 >

|- Salve-o no desktop!
|- Duplo-clique em SecurityCheck.exe



|- Siga as instruções e poste o relatório. ( checkup.txt )

 

-/-

 

|- Baixe: < > ( ... par Xplode )

|- Ao acessar,clique em "Download Now".
|- Ps: Se utilizar o navegador IE9,desabilite o filtro "SmartScreen".
|- Salve-o no desktop!

< >

|- Clique direito em adwcleaner.exe,e escolha sua execução como administrador.



|- Ps: Dê início ao scan,clicando em "Examinar".

< >

|- Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
|- Copie o log ou clique "Relatório".
|- Poste: < C:\AdwCleaner\AdwCleaner[s0].txt >

Abs!

[Ionara 2]

Bem estava usando o Karspesky trial,

terminou o período de avaliação, tentei instalar

o AVG 2014, não conseguia ativá-lo, o Avira

instalei e desinstalei, agora o AVast está funcionando,

porém o AVG que aparece como desligado, não desisntala

pelo painel de controle e com o Revo ele nem aparece...

 

segue log adwcleaner

 

# AdwCleaner v3.308 - Relatório criado 28/08/2014 às 06:17:56
# Atualizado 20/08/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium (64 bits)
# Usuário : reparo - CASA-PC
# Executando de : C:\Users\reparo\Desktop\adwcleaner_3.308.exe
# Opção : Limpar

***** [ Serviços ] *****

Serviço Deletada : IePluginServices
Serviço Deletada : WindowsMangerProtect

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\IePluginServices
Pasta Deletada : C:\ProgramData\WindowsMangerProtect
Pasta Deletada : C:\Program Files (x86)\SupTab
[#] Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\reparo\AppData\Local\Babylon
Pasta Deletada : C:\Users\reparo\AppData\Roaming\Babylon
Pasta Deletada : C:\Users\reparo\AppData\Roaming\baidu
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\SearchTheWeb.xml

***** [ Tarefas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancerService_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancerService_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\SupHpUISoft
Chave Deletedo : HKLM\SOFTWARE\SupDp
Chave Deletedo : HKLM\SOFTWARE\SupTab
Chave Deletedo : HKLM\SOFTWARE\supWindowsMangerProtect
Chave Deletedo : HKLM\SOFTWARE\supWPM
Chave Deletedo : HKLM\SOFTWARE\webssearchesSoftware
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect

***** [ Navegadores ] *****

-\\ Internet Explorer v0.0.0.0

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

-\\ Mozilla Firefox v31.0 (x86 pt-BR)

[ Arquivo : C:\Users\Nara\AppData\Roaming\Mozilla\Firefox\Profiles\4ej3vhqz.default\prefs.js ]


[ Arquivo : C:\Users\reparo\AppData\Roaming\Mozilla\Firefox\Profiles\rbh8i03t.default\prefs.js ]


[ Arquivo : C:\Users\TEMP\AppData\Roaming\Mozilla\Firefox\Profiles\zdt96tt7.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [10544 octets] - [30/07/2014 21:27:54]
AdwCleaner[R1].txt - [10605 octets] - [30/07/2014 21:28:44]
AdwCleaner[R2].txt - [4350 octets] - [28/08/2014 06:16:27]
AdwCleaner[s0].txt - [10282 octets] - [30/07/2014 21:29:27]
AdwCleaner[s1].txt - [3517 octets] - [28/08/2014 06:17:56]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [3577 octets] ##########

 

e o log checkout

 

Results of screen317's Security Check version 0.99.87
Windows 7 x64 (UAC is disabled!)
Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
AVG AntiVirus Free Edition 2014
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 65
Java version out of Date!
Adobe Flash Player 14.0.0.145
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox (31.0)
Google Chrome 35.0.1916.153
Google Chrome 36.0.1985.125
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````

[DigRam 144]

Bom Dia! Ionara

 

< AVG Remover (64 bits) >

|- Baixe e salve este removedor,em seu desktop.
|- Feche programas que estejam abertos,pois haverá reboot ao concluir o scan.
|- Execute o arquivo "avg_remover_stf_x64_2014_4116.exe" e aguarde sua conclusão!

-/-

 

|- Complementarei a remoção de resquícios do AVG e Kaspersky,com a ferramenta ZHPFix.

 

|- Baixe: < ZHPDiag2.exe > < > ( ... de Nicolas Coolman )
|- Salve-o no disco local! ( C ou D )
|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.



|- Execute o ícone do pergaminho. ( ZHPDiag )



|- Clique "COMPLETA" e aguarde a conclusão!
|- Clique OK e,ao concluir,poste o relatório! ( ZHPDiag.txt )
|- Ps: Como o log será extenso,envie-o à Pjjoint.malekal.

|- Ou acesse: < >

|- Maiores informações: < |Link| >

A+

[Ionara 2]

Boa noite,

 

foram removidos

o AVG e resquícios do

karspesky...

 

log postado no tópico indicado.

 

obrigada,

[DigRam 144]

Boa Noite! Ionara

 

|- Houve um engano,pois o link obtido é para ser colado aqui e agora. rsr...

|- Ps: Entendi o que houve! Você colou o relatório lá no Tutorial que trata de hospedagens.

|- Não se preocupe,deixe que resolvo esse engano.

 

-/-

 

|- Execute este script na ferramenta ZHPFix.
|- Selecione e copie estas informações que estão em vermelho,para o Bloco de Notas.
|- Com o Bloco de Notas aberto,faça: ctrl+a >> ctrl+c ( Selecionar e Copiar )
|- À seguir,minimize o Bloco de Notas.

Script ZHPFix
Firewallraz
Emptyprefetch
[MD5.169180F02ABCECA5DE72FC5EEBC861BB] [sPRF][07/08/2014] (.No owner - Setup/Uninstall.) -- C:\Users\reparo\AppData\Roaming\unins000.exe [730322]
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
O42 - Logiciel: New Destiny versão 7.57 - (.Star Group.) [HKLM][64Bits] -- {3E61DDE5-0D27-40E8-AA2C-D6C9E343D7T7}_is1
O42 - Logiciel: Star Destiny versão 3.7 - (.Star Group.) [HKLM][64Bits] -- {3E61DDE5-0D27-40E8-AA2C-D6C9E343D7T4}_is1
O43 - CFD: 07/08/2014 - 12:42:45 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 13/01/2014 - 11:12:19 - [] ----D C:\ProgramData\Log
O43 - CFD: 28/07/2014 - 20:08:36 - [] ----D C:\Users\reparo\AppData\Roaming\Baidu Security
O45 - LFCP:[MD5.7DD3B266B4FACAB6FA5DF877F2685BAB] - 26/08/2014 - 12:39:28 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER.EXE-B7496F15.pf =>Crapware.SpyHunter
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\n7233\wajam_2207-6c14163c.exe [55363] =>PUP.Wajam
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\n764\wajam_2207-6c14163c.exe [55363] =>PUP.Wajam
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (.File Syn.) -- C:\Users\reparo\AppData\Local\Temp\n764\webssearches_2008_BX-af7abd00.exe [665976] =>Hijacker.WebsSearches
O61 - LFC: 26/08/2014 - 20:32:37 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\SHSetup.exe [29358328] =>Crapware.SpyHunter
O61 - LFC: 26/08/2014 - 20:32:38 ---A- . (.Enigma Software Group USA, LLC..) -- C:\Users\reparo\Downloads\SpyHunter-installer.exe [728960] =>Crapware.SpyHunter
O61 - LFC: 24/08/2014 - 20:32:34 ----- . (.Java™ Native Access (JNA).) -- C:\Users\reparo\AppData\Local\Temp\jna-reparo\jna252931645755262242.dll [441220]
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\n7233\BaixakiHPSE_2507-6c93d105.exe [326467]
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\n764\BaixakiHPSE_2507-6c93d105.exe [326467]
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (.AVG Technologies.) -- C:\Users\reparo\AppData\Local\Temp\n764\avg_free_stb_pb_2014_4745_free.exe [2104998]
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (.Apps Install.) -- C:\Users\reparo\AppData\Local\Temp\n1270\s1270.exe [421056]
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (.Apps Install.) -- C:\Users\reparo\AppData\Local\Temp\n7233\s7233.exe [421056]
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (.Apps Install.) -- C:\Users\reparo\AppData\Local\Temp\n764\s764.exe [421056]
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (.Baidu Inc..) -- C:\Users\reparo\AppData\Local\Temp\n764\spark_1706-7a62f19d.exe [1285312]
O61 - LFC: 26/08/2014 - 20:32:35 ---A- . (.Baidu.com.) -- C:\Users\reparo\AppData\Local\Temp\n7233\hao123BR_2706-599308a2.exe [476304]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsiC12E.tmp\SimpleSC.dll [62976]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsiC12E.tmp\System.dll [11264]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsiC12E.tmp\nsDialogs.dll [9728]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsiC12E.tmp\n---ec.dll [6656]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsiC12E.tmp\version.dll [6144]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsu2138.tmp\SimpleSC.dll [62976]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsu2138.tmp\System.dll [11264]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsu2138.tmp\inetc.dll [20992]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsu2138.tmp\nsDialogs.dll [9728]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsu2138.tmp\n---ec.dll [6656]
O61 - LFC: 26/08/2014 - 20:32:36 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\nsu2138.tmp\version.dll [6144]
O61 - LFC: 26/08/2014 - 20:32:37 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\spark_install.exe [44065600]
O61 - LFC: 27/08/2014 - 20:32:34 ---A- . (...) -- C:\Users\reparo\AppData\Local\Temp\jkbasuy1\inidata.dll [1413120]
O61 - LFC: 27/08/2014 - 20:32:36 ---A- . (.Microsoft Corporation.) -- C:\Users\reparo\AppData\Local\Temp\Rar$EXa0.847\dbghelp.dll [1213200]
[HKCU\Software\Baidu Security]
[HKCU\Software\Baidu]
[HKLM\Software\Baidu Security]
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PlusVid-codedownloader_RASAPI32 =>PUP.PlusVid
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PlusVid-codedownloader_RASMANCS =>PUP.PlusVid
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PlusVid-novainstaller_RASAPI32 =>PUP.PlusVid
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PlusVid-novainstaller_RASMANCS =>PUP.PlusVid
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_v5_RASAPI32 =>PUP.SupTab
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_v5_RASMANCS =>PUP.SupTab
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_2207-6c14163c_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_2207-6c14163c_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webssearches_2008_BX-af7abd00_RASAPI32 =>Hijacker.WebsSearches
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webssearches_2008_BX-af7abd00_RASMANCS =>Hijacker.WebsSearches
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_v20_RASAPI32 =>PUP.WpManager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_v20_RASMANCS =>PUP.WpManager
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110611171150}] =>PUP.CrossRider
Emptytemp
Emptyclsid
shortcutfix

|- Abra a ferramenta ZHPFix. < >
|- Clique IMPORTAÇÃO >> OK.
|- Clique "GO".
|- Poste o relatório!

A+

[DigRam 144]

Tópico Arquivado

 

Como o autor não respondeu por mais de 10 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.