[Resolvido] &nbspWindows Explorer/Meu computador - comportamento estra

[Cassiano Designer 0]

Boa tarde Pessoal,

 

Não sei se tem algo a ver, mas após atualizar meu Windows 8 para o Windows 8.1, o Windows Explorer/Meu computador passou a ter um comportamento estranho.

Ao abri-lo (quando abre) a barra de endereço fica sempre "carregando" e não exibe meus discos/partições. Só consigo acessar digitando a unidade correspondente manualmente na barra de endereços. Outra coisa, meu HD externo fica sempre desconectando sozinho, notei isso durante uma tentativa de restaurar um backup do Windows 7, porém, em outro equipamento, na mesma tarefa, não ocorreu problema alguma. Já mexi no cabo usb e aparentemente não há mau contato.

 

Meu Windows 8 é original e o Windows 8.1 baixei diretamente do site da Microsoft.

 

Podem me ajudar a verificar se há malware em meu ultrabook?

[wings 22]

Olá Cassiano Designer

 

 

:seta: Baixe o http://oldtimer.geekstogo.com/OTL.exe'>OTL (...de OldTimer) e salve-o no Desktop (Área de Trabalho)

*Execute-o e selecione:

Verificar All Users
Ignorar Arquivos Microsoft
Verificar Lop
Verificar Purity


*Clique [Verificar] e aguarde o término


:seta: Acesse http://cjoint.com/'>este link

*Clique [selecionar arquivo...]

*Localize o relatório OTL.txt, no Desktop, e clique [Abrir]

*Selecione 4 jours

*Clique [Créer le lien Cjoint]

http://imgbox.com/aby4NIZG'>

*Cole o link criado ao lado de Le lien a été créé:

http://imgbox.com/acrVh6GY'>

*Repita o procedimento para o relatório Extras.txt e cole o link

[Cassiano Designer 0]

Olá Wings,

 

Seguem os links:

 

http://cjoint.com/?3GlxZGWza36 - OTL.txt

http://cjoint.com/?3Gmag77rPiq - extras.txt

Desde já agradeço sua colaboração.

[wings 22]

:seta: Faça um scan online com o NOD32

http://i1158.photobucket.com/albums/p604/slackwings/Nod32.gif

 

*Ao término cole o relatório criado em C:\Program Files (x86)\ESET\ESET Online Scanner\log

[Cassiano Designer 0]

Bom dia,

 

Segue relatório do ESET SCAN ONLINE.

 

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=3d9445fcb2ee7a42861ffa4e779a80f7

# engine=14358

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2013-07-12 03:26:21

# local_time=2013-07-12 12:26:21 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1033

# osver=6.2.9200 NT

# compatibility_mode=5893 16776573 100 94 0 2179305 0 0

# scanned=472246

# found=17

# cleaned=15

# scan_time=15581

sh=078FB2A3E5DE54C3737A4541242A4725C02C6B9C ft=1 fh=d760d12103e04038 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\Users\All Users\seafee saveo\51d78addd9d7d.dll"

sh=078FB2A3E5DE54C3737A4541242A4725C02C6B9C ft=1 fh=d760d12103e04038 vn="a variant of Win32/Adware.MultiPlug.I application" ac=I fn="C:\Users\Todos os Usuários\seafee saveo\51d78addd9d7d.dll"

sh=078FB2A3E5DE54C3737A4541242A4725C02C6B9C ft=1 fh=d760d12103e04038 vn="a variant of Win32/Adware.MultiPlug.I application (cleaned by deleting - quarantined)" ac=C fn="C:\ProgramData\seafee saveo\51d78addd9d7d.dll"

sh=DC9648BD3AD078251F07EBFE9F9F083BFEE72844 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\SystemRestore\FRStaging\Users\Cassiano\AppData\Local\Google\Chrome\User Data\Default\Extensions\meapmlhldiljmbccngegaememnkjbfoj\1\51d78addd9b4f0.67266346.js"

sh=79C90869A9AF2F4A0B2DF84776AA32BB240DB749 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\System Volume Information\SystemRestore\FRStaging\Users\Cassiano\AppData\Roaming\Mozilla\Firefox\Profiles\hu39ep4z.default\extensions\staged\ayytsx@ivef-.edu\content\bg.js"

sh=9F84D9C803EC735A70F6CA7F7EE66A205DBE4CF9 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus (deleted - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001a94"

sh=A8855E82B90FFAB00C9372600AAB014451FAA3A7 ft=1 fh=a0eaba3a73cbad4c vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Microsoft\Windows\INetCache\IE\U49FOXPK\51d78addf2210[1].exe"

sh=5721880B4BF2158E070AC6EB150BB4BCBC9AABF4 ft=1 fh=78a06804226e04f7 vn="a variant of Win32/SProtector.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Temp\down.2556.assistant_v3.exe"

sh=D53DEAFC49427F7A9DE03D4B74CE8BC78B4E5219 ft=1 fh=e232b46ad449c7d0 vn="a variant of Win32/InstallCore.BY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Temp\ICReinstall_folderdefence-free-32-bits.exe"

sh=FBBC16F995CBCAEA718B731C670458F63E348930 ft=1 fh=d0d0804ad449c7d0 vn="a variant of Win32/InstallCore.BY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Temp\ICReinstall_k-lite-codec-pack-full-995-32-bits.exe"

sh=0BA170D6F70C6BCAF7B27FB20710A70A3CB980C4 ft=1 fh=54342fe3d449c7d0 vn="a variant of Win32/InstallCore.BY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Temp\ICReinstall_my-lockbox-298-32-bits.exe"

sh=5A94C463BDD2507E59809301EB251F70D0C0BFFB ft=1 fh=57ec67d8d449c7d0 vn="a variant of Win32/InstallCore.BY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Temp\ICReinstall_subtitle-workshop-251-32-bits.exe"

sh=DD69359D8538D6ED2E086340E477159B6AC7F679 ft=1 fh=ee4c8407d449c7d0 vn="a variant of Win32/InstallCore.BY application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Temp\ICReinstall_visualsubsync-100-build-1155-32-bits.exe"

sh=84DE32DDEF77C8848649F56D840A3EA0D4DA5CF9 ft=1 fh=74fea49bac1d5350 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Local\Temp\is701137889\7588940_Setup.EXE"

sh=79C90869A9AF2F4A0B2DF84776AA32BB240DB749 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\AppData\Roaming\Mozilla\Firefox\Profiles\hu39ep4z.default\extensions\ayytsx@ivef-.edu\content\bg.js"

sh=5CB63520E85D88CE419E04A1533C8FEDC01B220F ft=1 fh=82c470e1f2175c0d vn="Win32/ELEX.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\Downloads\FoxitReader605.06181_enu_Setup.exe"

sh=A191AC57329818F477B78C446E8FD8392CDEE754 ft=1 fh=83bbc67a4405bf61 vn="a variant of Win32/Bundled.Toolbar.Ask.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Cassiano\Downloads\SFInstaller_SFFZ_filezilla_8706467_.exe"

[wings 22]

Boa tarde Cassiano Designer

 

 

Até o momento não há relação com malwares.

 

Vamos a última pesquisa.

 

 

:seta: Baixe o aswMBR (...de Przemyslaw Gmerek) e salve-o no Desktop

*Mantenha-se conectado a internet

*Clique com o botão direito do mouse no arquivo e selecione Executar como administrador

*Clique [sim] e aguarde o término

 

*Clique [scan] e aguarde o término

*Clique [save log] e salve no Desktop

*Cole o relatório aswmbr.txt salvo no Desktop

[Cassiano Designer 0]

Segue o log:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2013-07-12 15:43:17

-----------------------------

15:43:17.258 OS Version: Windows x64 6.2.9200

15:43:17.259 Number of processors: 4 586 0x3A09

15:43:17.260 ComputerName: ULTRACASSIANO UserName: Cassiano

15:43:17.293 Initialze error 1

17:44:31.545 AVAST engine defs: 13071201

18:18:10.594 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003d

18:18:10.596 Disk 0 Vendor: AY1M Size: 476937MB BusType: 8

18:18:10.599 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000003e

18:18:10.601 Disk 1 Vendor: H2Q1 Size: 8192MB BusType: 8

18:18:10.605 Disk 0 MBR read successfully

18:18:10.607 Disk 0 MBR scan

18:18:10.614 Disk 0 unknown MBR code

18:18:10.617 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1

18:18:10.624 Disk 0 scanning C:\WINDOWS\system32\drivers

18:18:10.627 Service scanning

18:18:11.199 Modules scanning

18:18:11.202 Disk 0 trace - called modules:

18:18:11.207 ntoskrnl.exe fltsrv.sys tdrpman.sys CLASSPNP.SYS disk.sys hpdskflt.sys storport.sys hal.dll iaStorAV.sys

18:18:11.213 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00002dfe060]

18:18:11.217 3 CLASSPNP.SYS[fffff80000e94a87] -> nt!IofCallDriver -> [0xffffe00002dff7d0]

18:18:11.220 5 hpdskflt.sys[fffff8000138d379] -> nt!IofCallDriver -> \Device\0000003d[0xffffe000010e5060]

18:18:11.226 AVAST engine scan C:\WINDOWS

18:18:11.231 AVAST engine scan C:\WINDOWS\system32

18:18:11.235 AVAST engine scan C:\WINDOWS\system32\drivers

18:18:11.240 AVAST engine scan C:\Users\Cassiano

18:18:11.245 AVAST engine scan C:\ProgramData

18:18:11.249 Scan finished successfully

18:19:01.247 Disk 0 MBR has been saved successfully to "C:\Users\Cassiano\Desktop\MBR.dat"

18:19:01.356 The log file has been saved successfully to "C:\Users\Cassiano\Desktop\aswMBR.txt"

[wings 22]

Boa noite Cassiano Designer

 

 

O PC está limpo.

 

Seu problema não está relacionado com malwares.

 

Sugiro que crie um tópico nesta sala:

 

http://forum.imasters.com.br/forum/43-servidores-windows-e-windows-azure/

 

 

 

Vamos desinstalar as ferramentas usadas:

 

 

:seta: Delete o aswMBR e seu relatório

 

 

:seta: Execute o OTL

*Clique [Limpeza] > [OK]

*O PC será reiniciado

 

 

Um abraço....:bye:

[Cassiano Designer 0]

Boa noite Wings,

 

Muito obrigado pela ajuda.

[wings 22]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.