Pacote de malwares

Relatório:

ADWcleaner:

JRT:

Fix result of Farbar Recovery Scan Tool (x64) Version:21-08-2015 Ran by Avell B154 PLUS (2015-08-22 01:29:15) Run:1 Running from C:\Users\Avell B154 PLUS\Desktop Loaded Profiles: Avell B154 PLUS (Available Profiles: Avell B154 PLUS) Boot Mode: Normal ============================================== fixlist content: ***************** start CloseProcesses: HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-2513282143-1149749203-1196791184-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG) AppInit_DLLs-x32: C:\ProgramData\Kikblaster\Kikblaster32.dll => "C:\ProgramData\Kikblaster\Kikblaster32.dll" File not found SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = S3 catchme; \??\C:\Users\AVELLB~1\AppData\Local\Temp\catchme.sys [X] 2015-08-21 02:09 - 2015-08-21 02:09 - 00001367 _____ C:\Users\Avell B154 PLUS\Desktop\JRT.txt 2015-08-21 02:04 - 2015-08-21 02:04 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Avell B154 PLUS\Desktop\JRT.exe 2015-08-20 22:22 - 2015-08-20 22:22 - 00005852 _____ C:\Users\Avell B154 PLUS\Desktop\ZHPFixReport.txt 2015-08-20 22:15 - 2015-08-20 22:15 - 00001865 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2015-08-20 22:15 - 2015-08-20 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2015-08-20 22:15 - 2015-08-20 22:15 - 00000000 ____D C:\Program Files (x86)\ZHPFix 2015-08-20 22:13 - 2015-08-20 22:14 - 03522334 _____ (Nicolas Coolman ) C:\Users\Avell B154 PLUS\Desktop\ZHPFix.exe 2015-08-20 20:47 - 2015-08-20 20:47 - 00109256 _____ C:\Users\Avell B154 PLUS\Desktop\ZHPDiag.txt 2015-08-20 20:44 - 2015-08-20 22:22 - 00000000 ____D C:\Users\Avell B154 PLUS\AppData\Roaming\ZHP 2015-08-20 20:44 - 2015-08-20 20:44 - 01895424 _____ C:\Users\Avell B154 PLUS\Desktop\ZHPDiag3.exe 2015-08-20 20:44 - 2015-08-20 20:44 - 00000875 _____ C:\Users\Avell B154 PLUS\Desktop\ZHPDiag.lnk 2015-08-20 13:56 - 2015-08-20 13:56 - 00000000 ____D C:\Users\Public\Documents\Baidu AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxldtlfudivq`qsp`26hfm FirewallRules: [{C87BF4B4-EC0B-47DD-8AA7-B2B9FF9A8113}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{D3DB9B70-B659-4D86-A56B-52277BC3222E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{DD24A86E-99F2-4DE5-B9BF-14E5CAAAD0C3}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{9D6AA6B9-D1C0-468F-A8BF-3D7A810CD114}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{8CBF61D5-8BFF-46B6-93E4-0A9FA0A79B71}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{0A7816CC-E599-421D-9342-3E7D50CDA579}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{D4C2DA39-BE75-493C-B8DA-3E74351CEAC2}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{35D59AB7-7AF6-4E6B-AD0C-43104E87C13F}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{DA1A14FF-3362-4EB5-A911-77B880B8FEC1}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{7CC01363-9401-4AE7-A3C9-CDD77B2932AD}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe CreateRestorePoint: emptytemp: Reboot: end ***************** Processes closed successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => key removed successfully HKU\S-1-5-21-2513282143-1149749203-1196791184-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => value removed successfully "C:\ProgramData\Kikblaster\Kikblaster32.dll" => Value data removed successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully catchme => service removed successfully C:\Users\Avell B154 PLUS\Desktop\JRT.txt => moved successfully C:\Users\Avell B154 PLUS\Desktop\JRT.exe => moved successfully C:\Users\Avell B154 PLUS\Desktop\ZHPFixReport.txt => moved successfully C:\Users\Public\Desktop\ZHPFix.lnk => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => moved successfully C:\Program Files (x86)\ZHPFix => moved successfully C:\Users\Avell B154 PLUS\Desktop\ZHPFix.exe => moved successfully C:\Users\Avell B154 PLUS\Desktop\ZHPDiag.txt => moved successfully C:\Users\Avell B154 PLUS\AppData\Roaming\ZHP => moved successfully C:\Users\Avell B154 PLUS\Desktop\ZHPDiag3.exe => moved successfully C:\Users\Avell B154 PLUS\Desktop\ZHPDiag.lnk => moved successfully C:\Users\Public\Documents\Baidu => moved successfully C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully. "C:\Users\Todos os Usuários\Reprise" => ":wupeogjxldtlfudivq`qsp`26hfm" ADS not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C87BF4B4-EC0B-47DD-8AA7-B2B9FF9A8113} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D3DB9B70-B659-4D86-A56B-52277BC3222E} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD24A86E-99F2-4DE5-B9BF-14E5CAAAD0C3} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D6AA6B9-D1C0-468F-A8BF-3D7A810CD114} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CBF61D5-8BFF-46B6-93E4-0A9FA0A79B71} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A7816CC-E599-421D-9342-3E7D50CDA579} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D4C2DA39-BE75-493C-B8DA-3E74351CEAC2} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35D59AB7-7AF6-4E6B-AD0C-43104E87C13F} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA1A14FF-3362-4EB5-A911-77B880B8FEC1} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7CC01363-9401-4AE7-A3C9-CDD77B2932AD} => value removed successfully Error: (0) Failed to create a restore point. EmptyTemp: => 447.1 MB temporary data Removed. The system needed a reboot.. ==== End of Fixlog 01:29:20 ====:

Spoiler:

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Salve-o em Arquivos de programas.
> Após instalar o SB,vá em "Protection Status" >> Clique em "Enable All Protection"
> Atualize o SB,clicando em "Updates" >> "Check for Updates" >> Aguarde!
> Terminando,clique novamente em "Enable All Protection".
> Ps: À cada 10 dias,busque atualizar seu banco de definições.