Kamila. Novo Membro Registrado
9 Mensagens 4 Curtidas

[Resolvido] Não consigo atualizar Avast! Será que meu PC está com vírus que impede a atualização??

#1 Por Kamila. 29/12/2014 - 20:04
Olá pessoal! Desde o dia 26/12 não consigo atualizar o Avast pois aparece a seguinte mensagem de erro: Host Inatingível. Entretanto, quando abro o programa aparece na faixa verde a mensagem de que está tudo atualizado. Porém, entre alguns intervalos de tempo, aparece uma mensagem do próprio Avast no canto inferior da tela dizendo que meu antivírus está desatualizado. Assim, quando clico em "atualizar" aparece a mensagem de erro dita anteriormente.
Será que meu PC está com algum vírus que impede a atualização do antivírus? Suspeito que posso ter baixado um vírus em um arquivo .zip cujo download demorou quase uma hora e quando abri continha apenas um arquivo pdf com algumas páginas em branco. Algum tempo após esse download que o problema começou, mas não tenho certeza se ele é malicioso pois o baixei de um site confiável (http://www.cesgranrio.org.br/)
Além do Avast uso o Malwarebytes versão Free.
O Malwarebytes não acusou nada, porém alguns anos atrás ele já deixou passar um vírus que atingiu o Avast.

- Meu sistema operacional é o windows 8.1. Uso o firewall do windows e já verifiquei se ele estaria impedindo a atualização do Avast mas não está.
- Já desinstalei e reinstalei novamente o programa mas o problema persistiu
- Tentei restaurar o sistema mas apareceu a seguinte mensagem de erro:
#Leandro# Super Participante Registrado
235 Mensagens 103 Curtidas
#2 Por #Leandro#
29/12/2014 - 23:57
Baixe o Farbar Recovery Scan Tool(...de Farbar) e salve-o no Desktop

Duplo clique em FRST.exe..., Caso seja Windows 7, Clique com o botão direito do mouse no FRST e selecione Imagem

Aceite o contrato, desmarque a opção Addition.txt, clique [Scan] e ao término clique [OK]

*Cole ou anexe o relatório FRST.txt criado no Desktop


Faça o Download do Farbar Service Scanner (...de Farbar) e salve-o no Desktop (Área de Trabalho)

2) Execute-o, selecione todas as opções e clique [Scan].., Aguarde o termino..
*Ao finalizar abrirá um relatório chamado FSS.txt copie todo o conteúdo e cole aqui em seu tópico.


1) Baixe o RogueKiller e salve no Desktop.
*Execute o arquivo RogueKiller.exe.

* Usuários do Windows Vista ou Windows 7 clique com o direito sobre o arquivo RogueKiller.exe, depois clique em (Executar como Administrador)

2) Clique no botão Verificar e aguarde o exame finalizar.
*Clique no botão Report Abrirá um relatório em bloco de notas.

Este log é salvo no desktop com o nome de RKreport[1].txt.
Selecione, copie e cole o conteúdo deste log na sua próxima resposta.
#3 Por Kamila.
30/12/2014 - 20:15
#Leandro# disse:

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-30 19:06 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\tracing
2014-12-30 19:04 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-30 18:57 - 2014-01-29 14:46 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1741631494-2679940660-858574640-1001
2014-12-30 18:01 - 2014-01-29 14:02 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 17:44 - 2014-03-24 03:32 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-30 15:18 - 2014-01-21 15:20 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1B96391F-CF31-4BF8-9F4A-C219550DDDF1}
2014-12-30 15:14 - 2014-01-30 13:41 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-12-30 15:11 - 2014-03-23 18:46 - 00000000 ___DO () C:\Users\Kamila\SkyDrive
2014-12-30 15:10 - 2014-01-29 14:02 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 15:09 - 2014-09-25 10:13 - 00065536 _____ () C:\WINDOWS\system32\Ikeext.etl
2014-12-30 15:09 - 2013-08-22 12:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-30 15:08 - 2013-08-22 11:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-29 20:36 - 2014-05-26 22:35 - 00494592 ___SH () C:\Users\Kamila\Downloads\Thumbs.db
2014-12-29 18:49 - 2014-05-03 02:21 - 00574976 ___SH () C:\Users\Kamila\Desktop\Thumbs.db
2014-12-29 18:46 - 2014-03-23 18:22 - 00000000 ____D () C:\Users\Kamila
2014-12-29 18:31 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\registration
2014-12-29 05:05 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-19 03:02 - 2012-07-26 05:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-17 03:47 - 2014-06-28 20:36 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\PhotoScape
2014-12-11 15:54 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 15:15 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-11 15:15 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-11 03:21 - 2013-08-22 11:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI(29)
2014-12-11 03:20 - 2014-07-13 22:12 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-11 03:20 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-11 03:20 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-11 03:18 - 2014-02-09 03:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 03:14 - 2014-02-09 03:05 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-10 00:05 - 2014-01-29 14:59 - 00002168 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-09 20:20 - 2014-01-21 16:09 - 00000000 ____D () C:\Users\Kamila\Documents\Youcam
2014-12-09 14:11 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-09 02:54 - 2014-08-10 13:19 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-08 22:26 - 2014-08-10 13:18 - 00001081 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-08 22:26 - 2014-08-10 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-08 22:26 - 2014-08-10 13:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-08 19:09 - 2013-11-14 05:26 - 01992186 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-08 19:09 - 2013-11-14 05:14 - 00843834 _____ () C:\WINDOWS\system32\prfh0416.dat
2014-12-08 19:09 - 2013-11-14 05:14 - 00188036 _____ () C:\WINDOWS\system32\prfc0416.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-29 21:19

==================== End Of Log ============================

Farbar Service Scanner Version: 21-07-2014
Ran by Kamila (administrator) on 30-12-2014 at 19:40:54
Running from "C:\Users\Kamila\Downloads"
Microsoft Windows 8.1 Single Language (X64)
Boot Mode: Normal

Internet Services:

Connection Status:
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:

Firewall Disabled Policy:

System Restore:

System Restore Disabled Policy:

Action Center:

Windows Update:
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

Windows Autoupdate Disabled Policy:

Windows Defender:
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".

Windows Defender Disabled Policy:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

Other Services:

File Check:
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

RogueKiller V10.1.1.0 [Dec 23 2014] por Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Site : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Sistema Operacional : Windows 8.1 (6.3.9200 ) 64 bits version
Iniciou : Modo normal
Usuário : Kamila [Administrador]
Modo : Escanear -- Data : 12/30/2014 20:09:30

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 4 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Encontrado
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Encontrado
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Encontrado
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Encontrado

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Não carregado [0xc000036b]) ¤¤¤

¤¤¤ Navegadores : 0 ¤¤¤

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LT012-9WS142 +++++
--- User ---
[MBR] 12ca817c04f93272c6036ee54d12164f
[BSP] 9ff1f81f03584be304e631045924300e : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK
DaniF Super Participante Registrado
343 Mensagens 137 Curtidas
#4 Por DaniF
30/12/2014 - 22:44
Siga estas instruções:

. Baixe o AdwCleaner (clique sobre o texto)
. Salve-o na sua Área de Trabalho
. Feche todos os programas e navegadores de internet
. Desabilite seu antivírus e execute o AdwCleaner como administrador
. Clique em "Examinar" para iniciar o escaneamento
. Ao término, clique em "Limpar"
. Acesse "C:\AdwCleaner"
. Anexe o arquivo "AdwCleaner [SO].txt" na próxima resposta

