Ionara (Posted January 10, 2016)

Good afternoon. Slow PC, browsers freezing, log follows...

DigRam (Posted January 11, 2016)

/!\ Good evening! Ionara /!\
> Download: ( ... by Farbar )
> The banner above is for 32-bit systems!
> Farbar Recovery Scan Tool 64-Bit
> The link above is for 64-bit systems!
> Save it to the desktop!
> Run the tool! Click "Sim" (Yes) >> "Examinar" (Scan).
> Before clicking "Examinar", check that the boxes under "Whitelist" are ticked.
> Under "Exame Opcional" (Optional Scan), leave the "Addition.txt" and "Arquivos 90 Dias" checkboxes ticked.
> PS: The "Addition.txt" report will also be generated; it is made available on the tool's first run.
> Post the reports! (FRST.txt + Addition.txt)
> As the logs will be long, send them to
> Click the Parcourir... button.
> Find the report and click the Abrir (Open) button.
> Click the "Créer le lien Cjoint" button.
> Copy the link shown next to "Le lien a été créé" and post it in your reply.
> The link to the report, which is the highlighted one, must be pasted into your reply.
> Or click "Copier le lien (*)" and paste the link into your post.
> Pay attention, as there will be 2 links to post!
A+

Ionara (Posted January 12, 2016)

Logs follow:
http://www.cjoint.com/c/FAmiJSOXWHk
http://www.cjoint.com/c/FAmiLsJKqJk

DigRam (Posted January 12, 2016)

/!\ Good evening! Ionara /!\
> Copy the information shown in red into Notepad.
> Save it with the name fixlist. << Text!
> Save it to the desktop! -/- C:\Users\Usuario\Desktop <<

start
CloseProcesses:
HKU\S-1-5-21-4088202244-695289871-602143169-1000\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ProxyServer: [s-1-5-21-4088202244-695289871-602143169-1000] => http=127.0.0.1:8555;https=127.0.0.1:8555
S1 mosfilterdrv; system32\drivers\mosfilterdrv.sys [X]
2014-11-23 16:01 - 2014-11-23 16:01 - 0000227 _____ () C:\ProgramData\bc.ini
Task: {03E994D3-08A5-49AD-A554-45B7586F719F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {10111258-6185-408B-B840-D1A5217426D5} - System32\Tasks\{81A286C5-ECF0-4FAA-B8E6-3CA71606D8AF} => pcalua.exe -a "C:\Users\Usuario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46DWYPP1\iGBPCEFgb[1].exe" -d C:\Users\Usuario\Desktop
Task: {B5752978-ED90-4313-8304-6BA9B63DB3D3} - \{4C00E39F-EC56-418C-8BED-28239473F78A} -> Nenhum Arquivo <==== ATENÇÃO
Task: {E80D6459-376F-4A79-9847-01B95C21C281} - \060184C3-9766-46a0-B258-F4518A0B2633 -> Nenhum Arquivo <==== ATENÇÃO
Task: {676D6BF7-39DD-4EB4-9E2F-56C539EC78AB} - System32\Tasks\{0AAEEAEA-C5AB-421D-BC73-74825497DC95} => pcalua.exe -a E:\SETUP.EXE -d E:\
FirewallRules: [{9FE50098-C291-4DEE-A513-96CCBE97AEC8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88B40F6B-6F87-4533-BABB-570F0012811B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{284BCC4D-83B2-40E4-B4C6-172D3D4D79C7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2B24B699-D0DC-49C2-AC91-1170C4EF5CA2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{51BA35DA-78EF-49C6-89FD-D34D8E5A4D24}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{9C886FBD-D72D-4B63-9D6D-CE2D7474533E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{77B688FD-1973-44A1-9420-67BFFF11C117}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{4A183D4D-107A-45FC-AB8E-E290BADEE126}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{26D2B37B-8D94-46A7-98EA-3B3E40437CF2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
AlternateDataStreams: C:\Windows\System32:7421B3FA_Cef.gbp
C:\Users\Usuario\AppData\Local\Temp\AdbeRdr11000_pt_BR.exe
C:\Users\Usuario\AppData\Local\Temp\GURB817.exe
C:\Users\Usuario\AppData\Local\Temp\SkypeSetup.exe
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end

> Run FRST/FRST64 >> Click "Corrigir" (Fix) << Wait!
> In the message, click Executar (Run).
> Post the report! (Fixlog.txt)
< I ask visitors not to use this script on other computers, at the risk of damaging them! >
A+

Ionara (Posted January 12, 2016)

Good evening, log follows.

DigRam (Posted January 13, 2016)

/!\ Good evening! Ionara /!\
> Download: ( ... by Nicolas Coolman )
> Or |Here!| << Mirror!
> Once on the page, click
> Save it to the desktop! ( ZHPCleaner.exe )
> Run ZHPCleaner.exe <<
> Click "Eu".
> Click Scanner.
> Wait for it to finish!
> When it finishes, click Reparar (Repair).
> Open the tabs that are marked in red.
> Click Reparar, or untick any item that is a False Positive.
> When it finishes, click Relatório (Report)!
> Post the repair log: ~ Type : Reparo
A+

Ionara (Posted January 13, 2016)

Good morning, log follows.

~ ZHPCleaner v2016.1.12.7 by Nicolas Coolman (2016/01/12)
~ Run by Usuario (Administrator) (13/01/2016 07:34:59)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Usuario\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Usuario\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\ Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.

---\\ Navegadores de Internet (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.

---\\ Arquivo hosts (1)
~ O arquivo hosts é legítimo (1)

---\\ Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.

---\\ Explorer ( Arquivos, Pastas) (2)
MOVIDO arquivo: C:\Users\Usuario\AppData\Local\CrashRpt =>.Superfluous.CrashReports
MOVIDO arquivo: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt =>.Superfluous.CrashReports

---\\ Registro ( Chaves, Valores, Dados ) (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.

---\\ Resumo dos elementos encontrados na sua estação de trabalho (1)
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.CrashReports

---\\ Dodatkowe oczyszczenie. (129)
~ Chave de registro Tracing Supprimido (129)
~ Remover os relatórios antigos ZHPCleaner. (0)

---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Mozilla Firefox)
~ Este navegador está faltando ! (Opera Software)

---\\ Estatísticas
~ Items scan : 367
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 2

~ End of clean in 00h00mn04s
===================
ZHPCleaner-[R]-13012016-07_35_03.txt
ZHPCleaner--13012016-07_32_32.txt

DigRam (Posted January 13, 2016)

/!\ Good morning! Ionara /!\
> Download: < PrivaZer >
> Save it to the desktop!
> Watch this video, which will give you more details on its use and configuration.
> Download it from the link I gave you just above.
> Report the results!
Regards!

Ionara (Posted January 18, 2016)

Good afternoon. The video is very bad, but I ran PrivaZer; it cleaned data and freed up space. I just couldn't find any log of the activity history. I think it must have worked. Regards.

DigRam (Posted January 19, 2016)

PROBLEM SOLVED

If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.