moltres_1997

  1. Great, thank you Rorro, the site is no longer being redirected. Thank you very much... Just out of curiosity, and I know it is not only mine but everyone's: what was the cause?
  2. Here it is. Right after I clicked delete I made another log and it came out clean, but Hotmail and Itaú are still the same way. RKreport1.txt
  3. Good evening. Look, the site is still strange; it is still asking for odd data, and Hotmail too.
  4. Here it is:
     C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
     C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application deleted - quarantined
     C:\Users\iSkatisha\Downloads\FFSetup3.6.0.0.exe a variant of Win32/Hao123.A potentially unwanted application deleted - quarantined
     D:\ISKATISHA-PC\Backup Set 2015-03-01 202940\Backup Files 2015-03-08 190000\Backup files 3.zip a variant of Win32/Hao123.A potentially unwanted application deleted - quarantined
  5. Good afternoon Rorro, I will be posting tomorrow morning.. I have not abandoned the topic, I am very worried... Ah, about the VirusTotal file, it does not exist.. I already went to the folder and it is not there.
  6. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
     Ran by iSkatisha at 2015-02-19 23:14:19 Run:1
     Running from C:\Users\iSkatisha\Desktop
     Loaded Profiles: iSkatisha (Available profiles: iSkatisha)
     Boot Mode: Normal
     ==============================================
     Content of fixlist:
     *****************
     Start
     HKU\S-1-5-21-1395670632-3958338694-63806247-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
     S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
     HOSTS:
     CMD: bitsadmin /reset /allusers
     CMD: ipconfig /flushdns
     EmptyTemp:
     End
     *****************
     "HKU\S-1-5-21-1395670632-3958338694-63806247-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
     X6va017 => Service deleted successfully.
     C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
     Hosts was reset successfully.
     ========= bitsadmin /reset /allusers =========
     BITSADMIN version 3.0 [ 7.5.7601 ]
     BITS administration utility.
     © Copyright 2000-2006 Microsoft Corp.
     BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
     Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
     0 out of 0 jobs canceled.
     ========= End of CMD: =========
     ========= ipconfig /flushdns =========
     Configuração de IP do Windows
     Liberação do Cache do DNS Resolver bem-sucedida.
     ========= End of CMD: =========
     EmptyTemp: => Removed 787.6 MB temporary data.
     The system needed a reboot.
     ==== End of Fixlog 23:14:32 ====
     The site is still having problems.
  7. Good evening. The FRST log follows below, with Addition attached. Addition.txt
  8. Good evening. Logs attached: AdwCleanerS5.txt sc-cleaner.txt MBAM.log JRT.txt
  9. Good evening. Log and txt attached: zoek-results.txt zoek-results.log
  10. Good evening. Logs attached: FSS.txt ZA-Scan.txt MbrScan.log
  11. Good morning Linha Defensiva. Please help me: yesterday I tried to access my Itaú account, and it started asking for various data and the page looks strange... My hosts file no longer shows the Itaú lines, but it still looks strange. I have tried everything and I am afraid my account has been cloned. HijackThis log follows.
  12. Thanks for the help... closed here
  13. Hello, everyone... Well, for some time now I have been having a certain problem with my PC. The problem is that I cannot start the remote connection manager... An error 1068 and a 711 appear... I am trying to create a new connection and cannot because of this. I have already tried starting it manually, but it does not work... It always gives the damned error. Help here. PS: Win 7 64-bit, Core i3, 4 GB RAM
  14. Even so it is not working... and now it is changing the name of the person who calls me... and once in a while the number '-'
  15. Hey folks, when I go to play songs on my e71 it mixes them... like, if I put on a rock song (Linkin Park) it mixes it with a pop one and a bunch of songs come in together... I swapped the phone and got an M6-TV whose skins are identical to the e71's... and it is doing the same thing... help. PS: memory card 2 GB micro SD