KillerGhost667

Browser windows opening by themselves nonstop

#1 By KillerGhost6... 24/09/2013 - 10:31
Hello, everyone.

I'm here to report a problem I've been having for some time with Windows 7.

Regardless of which browser is set as the default at the moment, windows start being opened instantly, one after another, on the default page; it doesn't lead to any specific page, it just keeps opening browser windows nonstop, on the home page.

If I'm browsing in a given tab, it simply redirects me to the home page. If I'm not browsing, or have the browser minimized, it opens a new window on the home page, regardless of which page is set as the home page. (Blank, Google, etc., it doesn't matter.)

I ran every kind of antivirus here, NOD32, AVG, Avast, and nothing. All five main anti-spyware tools, and nothing. I tried other similar procedures using some software specific to malware removal, and nothing either; I looked for similar cases and followed similar fix procedures, without success.

I decided to install Windows 7 into another folder (I didn't format), and after a day or two the problem started again.

Could someone shed some light on this, please?

Here are the FRST logs.

This is the FRST.txt file that the program generates.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2013
Ran by M3nynw Bolada1 (administrator) on M3NYNWBOLADA1 on 21-09-2013 21:46:08
Running from C:\Users\M3nynw Bolada1\Desktop\anti-malware FRST
Microsoft Windows 7 Home Premium (X86) OS Language: Portuguese Brazilian
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(S3 Graphics Co., Ltd.) C:\Program Files\s3graphics\chrome3\s3funkey.svc
(S3 Graphics Co., Inc.) C:\Program Files\s3graphics\chrome3\s3loadsv.svc
(S3 Graphics Co., Inc.) C:\Program Files\s3graphics\chrome3\s3loadsv.svc
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(S3 Graphics Co., Ltd.) C:\Program Files\s3graphics\chrome3\s3funkey.svc
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5078504 2013-03-21] (ESET)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x02A342DB31B0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\M3nynw Bolada1\AppData\Roaming\Mozilla\Firefox\Profiles\jp1hwau3.default
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

========================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1341664 2013-03-21] (ESET)
R2 S3Funkey; C:\Program Files\s3graphics\chrome3\s3funkey.svc [462848 2010-07-22] (S3 Graphics Co., Ltd.)
R2 S3LoadSv; C:\Program Files\s3graphics\chrome3\s3loadsv.svc [418304 2010-07-22] (S3 Graphics Co., Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [105760 2013-01-10] (ESET)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetn62.sys [53872 2011-04-25] (VIA Technologies, Inc. )
R3 S3GIGP; C:\Windows\System32\DRIVERS\VTGKModeDX32.sys [1101312 2010-09-27] (S3 Graphics Co., Ltd.)
R0 videX32; C:\Windows\System32\DRIVERS\videX32.sys [13976 2010-02-11] (VIA Technologies, Inc.)
R0 xfilt; C:\Windows\System32\DRIVERS\xfilt.sys [23192 2010-02-11] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================


2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\ProgramData\Modelos
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\ProgramData\Favoritos
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\ProgramData\Documentos
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 __SHD C:\Recovery
2013-09-12 23:22 - 2013-09-12 23:22 - 00000000 ____D C:\Users\M3nynw Bolada1\AppData\Local\VirtualStore
2013-09-12 23:22 - 2009-07-13 23:37 - 00000000 __RHD C:\Users\Default
2013-09-12 23:22 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\Recovery
2013-09-12 23:22 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Windows NT
2013-09-12 23:07 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-03 18:16 - 2013-09-14 11:56 - 22388640 _____ (Mozilla) C:\Users\M3nynw Bolada1\Desktop\Firefox Setup 23.0.1.exe
2013-09-03 17:36 - 2013-09-18 18:39 - 36271144 _____ (Safer-Networking Ltd. ) C:\Users\M3nynw Bolada1\Desktop\spybot-2.1.exe
2013-08-30 04:47 - 2013-09-13 18:24 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 20:59

==================== End Of Log ============================
This is the Addition.txt that the program generates.


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-09-2013
Ran by M3nynw Bolada1 at 2013-09-21 21:46:52
Running from C:\Users\M3nynw Bolada1\Desktop\anti-malware FRST
Boot Mode: Normal
==========================================================


==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
CCleaner (Version: 4.05)
DriverEasy 4.5.4 (Version: 4.5.4.0)
ESET NOD32 Antivirus (Version: 6.0.316.1)
Foxit Reader (Version: 6.0.4.719)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 23.0.1 (x86 pt-BR) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
Platform (Version: 1.34)
RPG MAKER VX Ace RTP (Version: 1.00)
RPG Maker VX Ace v1.0 BR (Version: 1.00.0000)
S3 Graphics Utilities (Version: 3.3201.25c23-0722)
Spybot - Search & Destroy (Version: 2.1.19)
VIA Gerenciador de dispositivo de plataforma (Version: 1.34)
VIA Rhine Family Fast Ethernet Adapter
WinRAR 5.00 (32-bit) (Version: 5.00.0)

==================== Restore Points =========================

13-09-2013 03:13:13 Installed Platform
13-09-2013 03:18:44 Windows Update
13-09-2013 03:45:08 Installed Platform
13-09-2013 21:23:08 Configuração do(a) avast! Free Antivirus
17-09-2013 01:59:21 Installed RPG Maker VX Ace v1.0 BR.
18-09-2013 14:33:27 Configuração do(a) avast! Free Antivirus
18-09-2013 14:37:37 Instalado ESET NOD32 Antivirus
21-09-2013 23:20:18 Windows Update
22-09-2013 00:05:01 Remoção do Pacote de Idioma

==================== Hosts content: ==========================

2009-07-13 23:04 - 2009-06-10 18:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0D04847E-54ED-4A25-B6D9-28ADE759EA5A} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2009-07-13] (Microsoft Corporation)
Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {1B962AB5-DDF7-4B63-8C0F-DB551DBAFCCB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {3ABA9C42-A8AF-49E1-8E9B-9325CC1CBC3E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {799F5DD2-6846-4B7B-81A2-370C6F552EB3} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2013-08-28] (Easeware)
Task: {7D8CC70E-FFB8-4AE6-AC6B-F6BC5ED28496} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {8878AC62-B26B-48DF-B4DF-2A73EEB90EF0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)
Task: {9B04E43B-1566-4EB3-A187-21A797708D09} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {B76A9D2E-17F4-40C7-982B-5706220CB22B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Loaded Modules (whitelisted) =============

2009-07-13 21:07 - 2009-07-13 22:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2010-09-27 16:20 - 2010-09-27 16:20 - 04169728 _____ (S3 Graphics Co., Ltd.) C:\Windows\system32\VTGUModeDX32.dll
2013-09-14 12:02 - 2013-08-22 19:01 - 00185432 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2013-03-21 15:20 - 2013-03-21 15:20 - 00188064 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll
2013-03-21 15:20 - 2013-03-21 15:20 - 00488824 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll
2013-03-21 15:19 - 2013-03-21 15:19 - 00249864 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll
2013-03-21 15:19 - 2013-03-21 15:19 - 00101544 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll
2013-03-21 15:19 - 2013-03-21 15:19 - 00097424 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll
2013-03-21 15:19 - 2013-03-21 15:19 - 01049144 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll
2013-03-21 15:20 - 2013-03-21 15:20 - 00694824 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll
2013-03-21 15:20 - 2013-03-21 15:20 - 00093304 _____ (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll
2013-09-18 18:40 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-18 18:40 - 2013-05-16 10:55 - 03643800 _____ (Project JEDI) C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl
2013-09-18 18:40 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-18 18:40 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl

==================== Alternate Data Streams (whitelisted) ======


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2013 06:42:14 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{92147EEA-7C84-4055-9E6A-F32CD6A609C0}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}HB_System_Logoff

Error: (09/19/2013 03:57:24 PM) (Source: Application Error) (User: )
Description: Nome de aplicativo com falha: svchost.exe_SysMain, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bc100
Nome do módulo de falhas: sysmain.dll, versão: 6.1.7600.16385, carimbo de hora: 0x4a5bdb23
Código de exceção: 0xc0000005
Deslocamento com falha: 0x00004e2a
Identificação do processo com falha: 0x330
Hora de início do aplicativo com falha: 0xsvchost.exe_SysMain0
Caminho do aplicativo com falha: svchost.exe_SysMain1
FCaminho do módulo de falhas: svchost.exe_SysMain2
Identificação do Relatório: svchost.exe_SysMain3

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Network Shield Support.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRvrt.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
O sistema não pode encontrar o arquivo especificado.
.


System errors:
=============
Error: (09/21/2013 08:28:17 PM) (Source: EventLog) (User: )
Description: O desligamento anterior do sistema em 20:25:56 às ‎21/‎09/‎2013 não era esperado.

Error: (09/21/2013 08:16:27 PM) (Source: EventLog) (User: )
Description: O desligamento anterior do sistema em 13:18:20 às ‎21/‎09/‎2013 não era esperado.

Error: (09/19/2013 03:57:49 PM) (Source: Service Control Manager) (User: )
Description: O serviço Configuração Automática de WLAN foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (09/19/2013 03:57:49 PM) (Source: Service Control Manager) (User: )
Description: O serviço Gerenciador de Sessão do Gerenciador de Janelas da Área de Trabalho foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (09/19/2013 03:57:49 PM) (Source: Service Control Manager) (User: )
Description: O serviço Cliente de rastreamento de link distribuído foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 120000 milissegundos: Reiniciar o serviço.

Error: (09/19/2013 03:57:49 PM) (Source: Service Control Manager) (User: )
Description: O serviço Superfetch foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (09/19/2013 03:57:49 PM) (Source: Service Control Manager) (User: )
Description: O serviço Serviço Auxiliar de Compatibilidade de Programas foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (09/19/2013 03:57:49 PM) (Source: Service Control Manager) (User: )
Description: O serviço Conexões de Rede foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 100 milissegundos: Reiniciar o serviço.

Error: (09/19/2013 03:57:49 PM) (Source: Service Control Manager) (User: )
Description: O serviço Construtor de Pontos de Extremidade de Áudio do Windows foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Error: (09/19/2013 03:56:38 PM) (Source: Service Control Manager) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço Wlansvc.


Microsoft Office Sessions:
=========================
Error: (09/19/2013 06:42:14 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{92147EEA-7C84-4055-9E6A-F32CD6A609C0}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}HB_System_Logoff

Error: (09/19/2013 03:57:24 PM) (Source: Application Error)(User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc100sysmain.dll6.1.7600.163854a5bdb23c000000500004e2a33001ceb47b833f1690C:\Windows\System32\svchost.exec:\windows\system32\sysmain.dll51be9f74-215d-11e3-85d7-00140b37aa70

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! Network Shield Support.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRvrt.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswRdr.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:
O sistema não pode encontrar o arquivo especificado.

Error: (09/18/2013 11:37:38 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswFsBlk.

System Error:
O sistema não pode encontrar o arquivo especificado.


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 1918.17 MB
Available physical RAM: 1130.07 MB
Total Pagefile: 3836.34 MB
Available Pagefile: 2869.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.6 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.88 GB) (Free:28.03 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:51.17 GB) (Free:6.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 00B400B3)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=51 GB) - (Type=07 NTFS)

==================== End Of Log ============================
This is the HijackThis log.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:29:09, on 24/09/2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\notepad.exe
C:\Users\M3nynw Bolada1\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: S3Funkey - Unknown owner - C:\Program.exe (file missing)
O23 - Service: S3LoadSv - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--
End of file - 2155 bytes

Thanks in advance.
Wings
Wings Cyber Highlander Registered
20.3K Posts 1.2K Likes
#2 By Wings
24/09/2013 - 10:46
Hello KillerGhost667

Download Zoek (...by Smeenk) and save it to the Desktop

*Right-click Zoek and select [image]

*Paste the lines in brown into the box

startupall;
autoclean;
emptyalltemp;

*Close your browser and click [Run Script]

*During the scan the message below will be displayed. Wait for it to finish... it may take a while!

Zoek.exe is running now.
Do not start any browser windows, they will be closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log


*If a PC restart is requested, click [OK]


Go to this link

*Click [Choose file...], locate the report C:\zoek-results.txt and click [Open]

*Select 4 jours and click [Créer le lien Cjoint]

*Paste the generated link shown next to Le lien a été créé:
KillerGhost667
KillerGhost6... New Member Registered
7 Posts 1 Like
#3 By KillerGhost6...
24/09/2013 - 13:31
Wings said:
Hello KillerGhost667

Download Zoek (...by Smeenk) and save it to the Desktop

*Right-click Zoek and select [image]

*Paste the lines in brown into the box

startupall;
autoclean;
emptyalltemp;

*Close your browser and click [Run Script]

*During the scan the message below will be displayed. Wait for it to finish... it may take a while!


*If a PC restart is requested, click [OK]


Go to this link

*Click [Choose file...], locate the report C:\zoek-results.txt and click [Open]

*Select 4 jours and click [Créer le lien Cjoint]

*Paste the generated link shown next to Le lien a été créé:


The link is this one: http://cjoint.com/?3IysBKoM8sD

Containing:

Zoek.exe Version 4.0.0.4 Updated 19-September-2013
Tool run by M3nynw Bolada1 on 24/09/2013 at 13:07:16,83.
Microsoft Windows 7 Home Premium 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\M3nynw Bolada1\Desktop\zoek.exe [Script inserted]

==== System Restore Info ======================

24/09/2013 13:09:48 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice"
"SDTray"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [19/09/2013 16:01]
C:\Windows\tasks\DriverEasy Scheduled Scan.job --a------ C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [28/08/2013 09:05]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\M3nynw Bolada1\AppData\Roaming\Mozilla\Firefox\Profiles\jp1hwau3.default
8352E35875F8A69C39550FE991BA23F5 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Users\M3nynw Bolada1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\M3nynw Bolada1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\M3nynw Bolada1\AppData\Local\Mozilla\Firefox\Profiles\jp1hwau3.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\M3NYNW~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\M3nynw Bolada1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on 24/09/2013 at 13:24:57,09 ======================


Thanks for the support, my friend.
KillerGhost667
KillerGhost6... New Member Registered
7 Posts 1 Like
#5 By KillerGhost6...
24/09/2013 - 18:36
No, I don't pay for it; it is still a trial version, and I installed it to try to remove the malware.

I found several pieces of malware in the other Windows installation, removed them, and the problem continued (that other time).

The command our friend gave me above to run in Zoek seems to clear the browser cache; it looks like the problem has been removed for now.

From that log it isn't possible to identify which file is "infected", right?
Wings
Wings Cyber Highlander Registered
20.3K Posts 1.2K Likes
#6 By Wings
24/09/2013 - 20:24
The log didn't show anything particularly new. They could have been in the temporary files and cache that were cleaned.


Download DelFix (...by Xplode) and save it to the Desktop

*Run it, leaving the options Remove disinfection tools and Purge system restore selected

*Click [Run]

*A report will be displayed. Close it.


Delete DelFix and the file C:\DelFix.txt


Best regards...
KillerGhost667
KillerGhost6... New Member Registered
7 Posts 1 Like
#7 By KillerGhost6...
01/10/2013 - 00:40
Friends, using this notebook again, I noticed that the problem went away for a while and then came back with great intensity.

Since I needed to complete a questionnaire for college and needed to be sure the window would not redirect without my asking, I decided to run a LINUX DISTRO. This Itautec notebook (W7635) is a bit tricky with Linux; I tried Ubuntu and Mint, and managed to run OpenSUSE with KDE. When I go to Facebook, a news site and the college's site, surprise:

The windows start opening like crazy, redirecting to the home page non-stop, USING LINUX!

I removed all the peripherals from it (USB keyboard, USB mouse, etc.), even unplugged the network cable, and the commands keep being executed non-stop on a Linux LIVE CD distro.

How is this possible?
KillerGhost667
KillerGhost6... New Member Registered
7 Posts 1 Like
#11 By KillerGhost6...
01/10/2013 - 22:41
The funniest part is that I never use the notebook's keyboard, only the USB keyboard. I removed the notebook's keyboard by taking it apart, since I had already seen that the problem wasn't in the USB one, and the problem went away. It no longer opens windows. It must really have been shorting or something like that, and the funniest thing is that sometimes it would go several minutes without happening...

I'm cleaning it here and taking a closer look.

Thanks a lot, Wings.