Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14412 usuários registrados
O último usuário registrado atende pelo nome de LucasDrBr

Os nossos membros postaram um total de 35075 mensagens em 3551 assuntos
Quem está conectado
3 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 3 Visitantes

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Julho 2017
SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Calendário Calendário

Palavras chave


Redirecionamento de páginas!

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Redirecionamento de páginas!

Mensagem por Underoath em Sex 20 Jun 2014, 03:39

Oi

Eu estou tendo problema com esse virus, sempre sou redirecionado para esse site " [Você precisa estar registrado e conectado para ver este link.] "

passei o AdwCleaner e sempre aparece uma pasta " MovieMode " sempre apago ela, mas sempre volta a aparecer na próxima vez.
---
---
# AdwCleaner v3.212 - Relatório criado 20/06/2014 às 03:26:27
# Atualizado 05/06/2014 por Xplode
# Sistema Operacional : Windows 8.1 Single Language  (64 bits)
# Usuário : Asus - ASUS
# Executando de : C:\Users\Cleberton\Downloads\adwcleaner_3.212.exe
# Opção : Examinar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Encontrado : C:\Users\Cleberton\AppData\Local\MovieMode

***** [ Atalhos ] *****


***** [ Registro ] *****


***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (pt-BR)

[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


[ Arquivo : C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Arquivo : C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R6].txt - [3304 octets] - [20/06/2014 03:04:32]
AdwCleaner[R7].txt - [3224 octets] - [20/06/2014 03:26:27]

########## EOF - C:\AdwCleaner\AdwCleaner[R7].txt - [3284 octets] ##########
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sex 20 Jun 2014, 10:47

Olá.

Desative temporariamente seu antivírus para evitar conflitos.

* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

Para executá-lo corretamente siga as dicas deste tutorial:

Exclua adwares e outras ameaças de seu PC e browsers com o aplicativo Zoek

* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sex 20 Jun 2014, 19:15


Zoek.exe v5.0.0.0 Updated 20-06-2014
Tool run by Asus on 20/06/2014 at 15:58:58,29.
Microsoft Windows 8.1 Single Language 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Cleberton\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20/06/2014 16:00:45 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3021880120-1401051815-2693949732-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8B724AF6-73D5-4C51-AD7E-7221B25F1485} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\CLEBER~1\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.selectedEngine", "Google");

Added to C:\Users\CLEBER~1\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js:

ProfilePath: C:\Users\CLEBER~1\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_062014_1706_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\search_the_web.xml deleted
C:\Users\Cleberton\AppData\Roaming\temp.ini deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Cleberton\Searches deleted
C:\Users\Cleberton\AppData\LocalLow\ADSRemoval deleted
C:\Users\Cleberton\AppData\Roaming\unins000.exe deleted
"C:\Users\Cleberton\AppData\Roaming\Piano" deleted
"C:\Users\Cleberton\AppData\Roaming\Plants" deleted
"C:\ProgramData\Phaser" deleted

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{2FABFC3B-70D0-9531-C55C-D3FCE20FC78F}"="C:\Program Files (x86)\SelectionTool-soft\161.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\CLEBER~1\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default
- Undetermined - C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\extensions\ascsurfingprotection@iobit.com
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default
B52EFEC8EEF9A7809376795ED3699826 - C:\Users\Cleberton\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
ABE2E50533899C45DFA03E1D8767648F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll - Shockwave Flash
7B448B2B45428218D0D87376A2FF9FC2 - C:\Users\Cleberton\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll - Módulo de Proteção - Banco do Brasil


==== Chrome Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Cleberton\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[19/05/2014 19:56]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?ocid=iehp"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.msn.com/?ocid=iehp"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Cleberton\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3021880120-1401051815-2693949732-1001\Software\Mozilla\Firefox\Extensions\{2FABFC3B-70D0-9531-C55C-D3FCE20FC78F} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Cleberton\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\Users\Cleberton\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Cleberton\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\Users\Cleberton\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Cleberton\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\Users\Cleberton\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Cleberton\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\Users\Cleberton\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Cleberton\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\Users\Cleberton\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Cleberton\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\Users\Cleberton\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Cleberton\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\Users\Cleberton\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe
C:\Users\Cleberton\Desktop\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\Users\Cleberton\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual

==== shortcuts in Users Start Menu ======================

C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter na Internet.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Desinstalar Any Video Converter.lnk - C:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3\Desinstalar Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Uninstall The Witcher 2 - Assassins of Kings Enhanced Edition.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Beni Oku.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_TR.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\CzytajTo.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_PL.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Handbuch.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_de.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Kilavuz.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_tr.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Kézikönyv.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Leggimi.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_IT.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Liesmich.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_DE.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Lisezmoi.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_FR.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Léame.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Manual [Chinese].lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_zh.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Manual [Japanese].lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_jp.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Manual [Russian].lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_ru.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Manual [Spanish].lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_es.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Manual.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_en.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Manuale.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_it.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Manuel.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\manual_fr.pdf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Manuál.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Olvassel.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_HU.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Podrêcznik.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Readme [Chinese].lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_ZH.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Readme [Czech].lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_CZ.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Readme [Japanese].lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_JP.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Readme [Russian].lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_RU.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Witcher 2 - Assassins of Kings Enhanced Edition\Documents\Readme.lnk - C:\Program Files (x86)\GOG.com\The Witcher 2 Enhanced Edition\readme_EN.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\Desinstalar IObit Malware Fighter.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\IObit Malware Fighter.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer\The Witcher 2 Assassins of Kings\Atualizador Tribo Gamer.lnk - C:\Program Files (x86)\Tribo Gamer\The Witcher 2 Assassins of Kings\Atualizador.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer\The Witcher 2 Assassins of Kings\Créditos da Tradução.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer\The Witcher 2 Assassins of Kings\Desinstalar a Tradução.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tribo Gamer\The Witcher 2 Assassins of Kings\Notas da Tradução.lnk -

==== shortcuts in Quick Launch ======================

C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Game Booster 3.lnk - C:\Program Files (x86)\IObit\Game Booster 3\GameBooster.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Cleberton\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13861"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Cleberton\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Cleberton\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Cleberton\AppData\Local\Mozilla\Firefox\Profiles\y476e4js.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=19 folders=9 3873958 bytes)

==== Empty Temp Folders ======================

C:\Users\Cleberton\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\CLEBER~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 20/06/2014 at 19:12:37,22 ======================
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sex 20 Jun 2014, 19:23

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sex 20 Jun 2014, 20:13

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Single Language x64
Ran by Asus on 20/06/2014 at 19:45:15,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Cleberton\AppData\Roaming\mozilla\firefox\profiles\y476e4js.default\minidumps [18 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/06/2014 at 20:09:50,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sex 20 Jun 2014, 21:44

Faça o download do < ZHPDiag > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.

|- Execute o ícone do pergaminho. ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sex 20 Jun 2014, 22:26

~ Relatório do ZHPDiag v2014.6.19.94 - Nicolas Coolman (19/06/2014)
~ Iniciado por Asus (20/06/2014 22:24:40)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17126
MFIE: Mozilla Firefox 30.0 (Defaut)
GCIE: Google Chrome v35.0.1916.153

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.12

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X MUI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3917 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 107 GB (57%) free of 186 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ASUS
~ User Name: Asus
~ All Users Names: HomeGroupUser$, Convidado, Asus, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Cleberton\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Cleberton\AppData\Roaming\
~ %Desktop% : C:\Users\Cleberton\Desktop\
~ %Favorites% : C:\Users\Cleberton\Favorites\
~ %LocalAppData% : C:\Users\Cleberton\AppData\Local\
~ %StartMenu% : C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 107 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 258 Go of 258 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.16/05/2014 - 17:35:19.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.11/06/2014 - 00:42:20.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.16/05/2014 - 17:31:38.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/05/2014 - 17:35:19.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.16/05/2014 - 17:31:37.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:18:19.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.11/06/2014 - 00:44:13.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.16/05/2014 - 17:35:19.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.16/05/2014 - 17:31:37.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/12
~ Mes musiques (My Musics) : 1/22
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 2/3055
~ Mon Bureau (My Desktop) : 2/147
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.6C856C581ACE1785CE3FC2414E9859A3] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952] [PID.864]
[MD5.43B1125D14E8797FDA9D5E167EB50AE3] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [528424] [PID.76]
[MD5.E40AF754F43E3B44E2D6DE829267AD52] - (.ASUSTek Computer Inc. - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [110976] [PID.1200]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1236]
[MD5.E38AC5D38C757EE5B6230A0C56791EE4] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336] [PID.1452]
[MD5.6A122B4F0E5293CACFA8A5F2CBA9B356] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120] [PID.1560]
[MD5.78ABBE558F57144047F10A0F50FE4B2F] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720] [PID.1728]
[MD5.5DD5D0A2D7D3B3A9A2BCBB8FCFA1B80D] - (.GenTechnologies Apps, LLC - Movie Mode Service.) -- C:\ProgramData\UikkyU\RLCKpEe.exe [2298224] [PID.1856]
[MD5.8969286F44A62758AACBD38F27D59BF5] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [184704] [PID.2748]
[MD5.3A8D1E216D2F16551B37234E6E7341CB] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe [590208] [PID.2760]
[MD5.B07086D59443DAC6A668D691B27B968C] - (.ASUSTeK Computer Inc. - ASUS Color Engine.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [176240] [PID.2808]
[MD5.97432AB9F1B3B3E63E778C1E69E71E91] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032] [PID.2828]
[MD5.C570FD825751F7805CE226F68C4605DE] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54488] [PID.2836]
[MD5.C6D3BB61E24F66EB976C6CC55346B5F2] - (.ASUS - ASUS InstantOn.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1196416] [PID.2844]
[MD5.4F870EF9292559AB9DE6F31527A1DCBF] - (.ASUSTek Computer Inc. - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113312] [PID.2992]
[MD5.2D32F0EF950AED6AD007D042676FD39E] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328064] [PID.3024]
[MD5.0B50F07E63EE15383CDFDC26D7A3D3E3] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205184] [PID.2988]
[MD5.397D14958D6C9C2B365469A857B2AC4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe [230792] [PID.3196]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.1892]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.4324]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.4552]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4624]
[MD5.DB0C938BC311B31CF90C13821AE682B3] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1559936] [PID.4320]
[MD5.1BDAB8A2AD5080027DDA901465803BD7] - (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1592640] [PID.3424]
[MD5.0C2F9B66D80EE02A51D0CB15E2F61864] - (.No owner - Real-time Protector.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe [1214240] [PID.4584]
[MD5.F7AB23B768E0470EAA01353F7CCCDB4B] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20280] [PID.5108]
[MD5.9656F8E29F6C3161A3E99BCD3A472FF9] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856] [PID.1792]
[MD5.2C24DC448DBE8DB9BE1441B824C57E79] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277824] [PID.3408]
[MD5.E1A119AD21F5AFE22EB516C549306D3D] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [365376] [PID.3956]
[MD5.598396AE125095BBEDFAC532854D7EB7] - (.IObit - Game Booster.) -- C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe [609624] [PID.1976]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507264] [PID.244]
[MD5.B1E01D636350983E94171E229C759468] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.59264]
[MD5.4F87179386948D61FBF74B0DDF265170] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.58588]
[MD5.2F777711F4A380AACADBB85A3E7EBFCB] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe [1864368] [PID.58924]
[MD5.EDBBDEBE0FDF577A647216C452773A90] - (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928] [PID.3788]
[MD5.6101A08505E45E1230A67FB8E32A707F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8070656] [PID.60264]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js
M3 - MFPP: Plugins - [Asus] -- C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\searchplugins\yahoo_ff.xml
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Cleberton\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Chave orfã
~ BHO: 14 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_ECE00F09D270EBDE7FE493E9300A86ED] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Lync] . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ASUS Cloud Corporation - ASUS WebStorage Panel.) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\S-1-5-21-3021880120-1401051815-2693949732-1001\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-21-3021880120-1401051815-2693949732-1001\..\Run: [GoogleChromeAutoLaunch_ECE00F09D270EBDE7FE493E9300A86ED] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-3021880120-1401051815-2693949732-1001\..\Run: [Lync] . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\Microsoft Office\Office15\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{16F65252-6E84-4D51-A31E-8F16C85BA4BA}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{16F65252-6E84-4D51-A31E-8F16C85BA4BA}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.No owner - Asus WebStorage Windows Service.) - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: RLCKpEe (RLCKpEe) . (.GenTechnologies Apps, LLC - Movie Mode Service.) - C:\ProgramData\UikkyU\RLCKpEe.exe
O23 - Service: Service KMSELDI (Service KMSELDI) . (.No owner - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUP.KMSpico
~ Services: 17 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
[MD5.E3FEA8060978EAB6FA5D40E74DE6308B] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [1051416] =>PUP.KMSpico
O39 - APT: - (..) -- C:\Windows\Tasks\ASC7_SkipUac_Asus.job [250]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1070]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1074]
O39 - APT: - (..) -- C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job [286]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (Bfilter) . (. - .) - C:\WINDOWS\system32\drivers\Bfilter.sys (.not file.)
O41 - Driver: (Bfmon) . (. - .) - C:\WINDOWS\system32\drivers\Bfmon.sys (.not file.)
O41 - Driver: (Bnbase) . (. - .) - C:\Windows\System32\drivers\bnbasex64.sys (.not file.)
O41 - Driver: (Bndef) . (. - .) - C:\WINDOWS\system32\drivers\bndef64.sys (.not file.)
~ Drivers: 44 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>PUP.KMSpico
~ Logic: 9 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Baidu Security]
[HKCU\Software\CJN]
[HKCU\Software\GbAs]
[HKCU\Software\Tribo Gamer]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Baidu_Drp_pos]
[HKLM\Software\Wow6432Node\GameVicio]
[HKLM\Software\Wow6432Node\Universal]
~ Key Software: 244 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/06/2014 - 01:26:35 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 04/05/2014 - 00:45:25 - [] ----D C:\Program Files (x86)\GameVicio
O43 - CFD: 13/05/2014 - 16:24:13 - [0] ----D C:\Program Files (x86)\Modern
O43 - CFD: 20/06/2014 - 14:36:34 - [] ----D C:\Program Files (x86)\Tribo Gamer
O43 - CFD: 16/05/2014 - 14:56:49 - [] ----D C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
O43 - CFD: 14/06/2014 - 19:15:15 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 10/06/2014 - 22:56:44 - [] ----D C:\ProgramData\UikkyU
O43 - CFD: 02/04/2014 - 20:10:03 - [] ----D C:\Users\Cleberton\AppData\Roaming\Baidu Security
O43 - CFD: 20/06/2014 - 12:49:54 - [] ----D C:\Users\Cleberton\AppData\Local\MovieMode =>PUP.MovieMode
O43 - CFD: 16/05/2014 - 17:51:21 - [] ----D C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
~ Program Folder: 170 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.3FD5E0C5323C974F1BEE596D620913F5] - 08/06/2014 - 12:17:30 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.5EB3EEE350D391CA3953905763EC68A7] - 08/06/2014 - 12:17:30 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
O44 - LFC:[MD5.B7CC32E00C5C5152D221DF182827F58E] - 11/06/2014 - 00:44:13 ---A- . (...) -- C:\Windows\System32\srms.dat [50745]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 20/06/2014 - 15:58:49 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.3A8CFEA8579737C6FF731962A37BB1B5] - 20/06/2014 - 19:12:37 ---A- . (...) -- C:\zoek-results.log [30823]
~ Files: 95 Legitimates Filtered in 00mn 10s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:28/05/2014 - 15:46:24 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [270912]
O58 - SDL:02/08/2012 - 00:22:48 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [14992]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 46 Legitimates Filtered in 00mn 02s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (...) -- C:\ProgramData\SetStretch.exe [24576]
[MD5.ED4039AC31D7B2E85AC1373C49C01CD7] [SPRF][20/06/2014] (...) -- C:\Users\Cleberton\AppData\Roaming\sp_data.sys [74]
[MD5.475CDDCD3567B392267749B8E995EF73] [SPRF][23/04/2014] (...) -- C:\Users\Cleberton\AppData\Roaming\unins000.dat [17359]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "UDP Query User{7D34209D-E7D5-46BC-8092-34991B695D06}C:\users\cleberton\desktop\utorrentportable\app\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cleberton\desktop\utorrentportable\app\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "TCP Query User{6F868F9C-41DB-4183-83ED-D04AE7B67422}C:\users\cleberton\desktop\utorrentportable\app\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cleberton\desktop\utorrentportable\app\utorrent\utorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\trolatunt_RASAPI32 =>PUP.Trolatunt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\trolatunt_RASMANCS =>PUP.Trolatunt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatetrolatunt_RASAPI32 =>PUP.Trolatunt
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatetrolatunt_RASMANCS =>PUP.Trolatunt
~ BTK: 25 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 01/10/2013 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 06/04/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 06/04/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 03/12/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 18/06/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 11/12/2013 1050904 | (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>PUP.KMSpico
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 05/10/2012 110976 | (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 13/04/2012 277120 | (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
SR - | Auto 19/12/2012 72192 | (Asus WebStorage Windows Service) . (...) - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 06/05/2014 528424 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 24/01/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 27/06/2012 129856 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 25/06/2012 166720 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 10/06/2014 2298224 | (RLCKpEe) . (.GenTechnologies Apps, LLC.) - C:\ProgramData\UikkyU\RLCKpEe.exe
SR - | Auto 17/07/2012 365376 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 08s



---\\ Scâner Aditional (088)
Database Version : 13026 - (19/06/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 1

[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>PUP.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1] =>PUP.KMSpico^
C:\Users\Cleberton\AppData\Local\MovieMode =>PUP.MovieMode^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUP.KMSpico
C:\Program Files\KMSpico\AutoPico.exe =>PUP.KMSpico^
~ Additionnel Scan: 272849 Items scanned in 00mn 38s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>PUP.KMSpico
~ MSI: 1 link(s) detected in 00mn 00s



~ 736 Legitimates filtered by white list
End of the scan (474 lines in 01mn 27s)(0)
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sab 21 Jun 2014, 00:07

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

Escolhendo Programas que Iniciam com o PC

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC.
______________________________________________________________________________________

 Acesse o site [Você precisa estar registrado e conectado para ver este link.] e envie este arquivo destacado em negrito abaixo para ser analisado:

C:\ProgramData\UikkyU\RLCKpEe.exe

Assim que a análise dele for concluída, copie o link que aparecerá na barra de endereços de seu navegador e poste este link em sua próxima resposta juntamente com o relatório do ZHPFix pedido abaixo nesta postagem.

Maiores informações de como analisar arquivos no site Virus Total você encontra neste tutorial:

Analise arquivos e links suspeitos de forma online e totalmente gratuita
________________________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com o link da análise do arquivo no site Virus Total.


Última edição por Power Max em Sab 21 Jun 2014, 01:31, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sab 21 Jun 2014, 00:24

[Você precisa estar registrado e conectado para ver este link.]



Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Asus at 21/06/2014 00:23:24
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 02s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bnbase
ELIMINÉ Driver Key: Bndef
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\trolatunt_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\trolatunt_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatetrolatunt_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatetrolatunt_RASMANCS

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (25) (831.779 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
11 : Chaves do Registo
6 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 08s

========== Caminho do ficheiro do relatório ==========
C:\Users\Cleberton\AppData\Roaming\ZHP\ZHPFix[R1].txt - 21/06/2014 00:23:26 [1645]
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sab 21 Jun 2014, 00:29

No caso da análise no site Virus Total você tem certeza de que enviou este arquivo abaixo para ser analisado? Porque no link que você postou está informando que outro arquivo foi analisado há três dias atrás.

C:\ProgramData\UikkyU\RLCKpEe.exe

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sab 21 Jun 2014, 00:38

Eu apertei para reanalisar e apareceu isso agora.

[Você precisa estar registrado e conectado para ver este link.]
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sab 21 Jun 2014, 00:46

Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sab 21 Jun 2014, 00:54

~ Relatório do ZHPDiag v2014.6.19.94 - Nicolas Coolman (19/06/2014)
~ Iniciado por Asus (21/06/2014 00:53:29)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17126
MFIE: Mozilla Firefox 30.0 (Defaut)
GCIE: Google Chrome v35.0.1916.153

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 8.1 Single Language, 64-bit (Build 9600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W8 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.12

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X MUI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3917 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 107 GB (57%) free of 186 GB

---\\ Modo de conexão ao sistema
~ Computer Name: ASUS
~ User Name: Asus
~ All Users Names: HomeGroupUser$, Convidado, Asus, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Cleberton\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Cleberton\AppData\Roaming\
~ %Desktop% : C:\Users\Cleberton\Desktop\
~ %Favorites% : C:\Users\Cleberton\Favorites\
~ %LocalAppData% : C:\Users\Cleberton\AppData\Local\
~ %StartMenu% : C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 107 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 258 Go of 258 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Windows Explorer.) (.16/05/2014 - 17:35:19.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.22/08/2013 - 06:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.40BFD9D6EC8E174145F012246CA73CCD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.11/06/2014 - 00:42:20.) -- C:\Windows\System32\wininet.dll [2266112]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.18/03/2014 - 07:18:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.16/05/2014 - 17:31:38.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 09:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 08:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 05:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/05/2014 - 17:35:19.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.16/05/2014 - 17:31:37.) -- C:\Windows\system32\Drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Driver de porta i8042.) (.22/08/2013 - 08:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18/03/2014 - 07:18:19.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB do Windows NT.) (.11/06/2014 - 00:44:13.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 08:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.16/05/2014 - 17:35:19.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Driver de porta paralela.) (.22/08/2013 - 08:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 08:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecionador do Dispositivo RDP da Microsoft.) (.18/03/2014 - 06:44:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 10:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.16/05/2014 - 17:31:37.) -- C:\Windows\system32\Drivers\volsnap.sys [310616]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/12
~ Mes musiques (My Musics) : 1/22
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 2/3055
~ Mon Bureau (My Desktop) : 2/145
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.6C856C581ACE1785CE3FC2414E9859A3] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952] [PID.864]
[MD5.43B1125D14E8797FDA9D5E167EB50AE3] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe [528424] [PID.76]
[MD5.E40AF754F43E3B44E2D6DE829267AD52] - (.ASUSTek Computer Inc. - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [110976] [PID.1200]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1236]
[MD5.E38AC5D38C757EE5B6230A0C56791EE4] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336] [PID.1452]
[MD5.6A122B4F0E5293CACFA8A5F2CBA9B356] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120] [PID.1560]
[MD5.78ABBE558F57144047F10A0F50FE4B2F] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720] [PID.1728]
[MD5.5DD5D0A2D7D3B3A9A2BCBB8FCFA1B80D] - (.GenTechnologies Apps, LLC - Movie Mode Service.) -- C:\ProgramData\UikkyU\RLCKpEe.exe [2298224] [PID.1856]
[MD5.8969286F44A62758AACBD38F27D59BF5] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [184704] [PID.2748]
[MD5.3A8D1E216D2F16551B37234E6E7341CB] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe [590208] [PID.2760]
[MD5.B07086D59443DAC6A668D691B27B968C] - (.ASUSTeK Computer Inc. - ASUS Color Engine.) -- C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [176240] [PID.2808]
[MD5.97432AB9F1B3B3E63E778C1E69E71E91] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032] [PID.2828]
[MD5.C570FD825751F7805CE226F68C4605DE] - (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54488] [PID.2836]
[MD5.C6D3BB61E24F66EB976C6CC55346B5F2] - (.ASUS - ASUS InstantOn.) -- C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1196416] [PID.2844]
[MD5.4F870EF9292559AB9DE6F31527A1DCBF] - (.ASUSTek Computer Inc. - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113312] [PID.2992]
[MD5.2D32F0EF950AED6AD007D042676FD39E] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328064] [PID.3024]
[MD5.0B50F07E63EE15383CDFDC26D7A3D3E3] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205184] [PID.2988]
[MD5.397D14958D6C9C2B365469A857B2AC4E] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe [230792] [PID.3196]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.1892]
[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288] [PID.4324]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432] [PID.4552]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4624]
[MD5.DB0C938BC311B31CF90C13821AE682B3] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1559936] [PID.4320]
[MD5.1BDAB8A2AD5080027DDA901465803BD7] - (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1592640] [PID.3424]
[MD5.0C2F9B66D80EE02A51D0CB15E2F61864] - (.No owner - Real-time Protector.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe [1214240] [PID.4584]
[MD5.F7AB23B768E0470EAA01353F7CCCDB4B] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20280] [PID.5108]
[MD5.9656F8E29F6C3161A3E99BCD3A472FF9] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856] [PID.1792]
[MD5.2C24DC448DBE8DB9BE1441B824C57E79] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277824] [PID.3408]
[MD5.E1A119AD21F5AFE22EB516C549306D3D] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [365376] [PID.3956]
[MD5.598396AE125095BBEDFAC532854D7EB7] - (.IObit - Game Booster.) -- C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe [609624] [PID.1976]
[MD5.7DCE7A74764EB7C67D21A32BC579453D] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [507264] [PID.244]
[MD5.EDBBDEBE0FDF577A647216C452773A90] - (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928] [PID.3788]
[MD5.F9693D45B0F1B346CCDEEC1F341AD389] - (.Intel Corporation - IntelCpHeciSvc Executable.) -- C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [279000] [PID.59376]
[MD5.B1E01D636350983E94171E229C759468] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.61296]
[MD5.4F87179386948D61FBF74B0DDF265170] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.58900]
[MD5.2F777711F4A380AACADBB85A3E7EBFCB] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe [1864368] [PID.56612]
[MD5.6101A08505E45E1230A67FB8E32A707F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8070656] [PID.56696]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\prefs.js
M3 - MFPP: Plugins - [Asus] -- C:\Users\Cleberton\AppData\Roaming\Mozilla\Firefox\Profiles\y476e4js.default\searchplugins\yahoo_ff.xml
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Cleberton\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense [64Bits] - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files (x86)\GbPlugin\gbieh.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Chave orfã
~ BHO: 14 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKCU\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_ECE00F09D270EBDE7FE493E9300A86ED] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Lync] . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ASUS Cloud Corporation - ASUS WebStorage Panel.) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [IObit Malware Fighter] . (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
O4 - HKUS\S-1-5-21-3021880120-1401051815-2693949732-1001\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-21-3021880120-1401051815-2693949732-1001\..\Run: [GoogleChromeAutoLaunch_ECE00F09D270EBDE7FE493E9300A86ED] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-3021880120-1401051815-2693949732-1001\..\Run: [Lync] . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
~ Application: Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Clique para Telefonar do Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\Microsoft Office\Office15\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{16F65252-6E84-4D51-A31E-8F16C85BA4BA}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{16F65252-6E84-4D51-A31E-8F16C85BA4BA}: DhcpNameServer = 192.168.25.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.25.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.No owner - Asus WebStorage Windows Service.) - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
O23 - Service: RLCKpEe (RLCKpEe) . (.GenTechnologies Apps, LLC - Movie Mode Service.) - C:\ProgramData\UikkyU\RLCKpEe.exe
O23 - Service: Service KMSELDI (Service KMSELDI) . (.No owner - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUP.KMSpico
~ Services: 17 Legitimates Filtered in 00mn 02s



---\\ Tarefas planificadas automaticamente (039)
[MD5.E3FEA8060978EAB6FA5D40E74DE6308B] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [1051416] =>PUP.KMSpico
O39 - APT: - (..) -- C:\Windows\Tasks\ASC7_SkipUac_Asus.job [250]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1070]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1074]
O39 - APT: - (..) -- C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job [286]
~ Scheduled Task: 18 Legitimates Filtered in 00mn 01s



---\\ Software instalados (042)
O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>PUP.KMSpico
~ Logic: 9 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\CJN]
[HKCU\Software\GbAs]
[HKCU\Software\Tribo Gamer]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\GameVicio]
[HKLM\Software\Wow6432Node\Universal]
~ Key Software: 240 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04/05/2014 - 00:45:25 - [] ----D C:\Program Files (x86)\GameVicio
O43 - CFD: 13/05/2014 - 16:24:13 - [0] ----D C:\Program Files (x86)\Modern
O43 - CFD: 20/06/2014 - 14:36:34 - [] ----D C:\Program Files (x86)\Tribo Gamer
O43 - CFD: 16/05/2014 - 14:56:49 - [] ----D C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
O43 - CFD: 10/06/2014 - 22:56:44 - [] ----D C:\ProgramData\UikkyU
O43 - CFD: 21/06/2014 - 00:23:49 - [] ----D C:\Users\Cleberton\AppData\Local\MovieMode =>PUP.MovieMode
O43 - CFD: 16/05/2014 - 17:51:21 - [] ----D C:\Users\Cleberton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
~ Program Folder: 167 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.3FD5E0C5323C974F1BEE596D620913F5] - 08/06/2014 - 12:17:30 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [158494]
O44 - LFC:[MD5.5EB3EEE350D391CA3953905763EC68A7] - 08/06/2014 - 12:17:30 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [774900]
O44 - LFC:[MD5.B7CC32E00C5C5152D221DF182827F58E] - 11/06/2014 - 00:44:13 ---A- . (...) -- C:\Windows\System32\srms.dat [50745]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 20/06/2014 - 15:58:49 ---A- . (...) -- C:\Windows\zoek-delete.exe [24064]
O44 - LFC:[MD5.3A8CFEA8579737C6FF731962A37BB1B5] - 20/06/2014 - 19:12:37 ---A- . (...) -- C:\zoek-results.log [30823]
~ Files: 95 Legitimates Filtered in 00mn 01s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 21 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:12/08/2013 - 20:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:28/05/2014 - 15:46:24 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [270912]
O58 - SDL:02/08/2012 - 00:22:48 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [14992]
O58 - SDL:22/08/2013 - 09:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 46 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (...) -- C:\ProgramData\SetStretch.exe [24576]
[MD5.ED4039AC31D7B2E85AC1373C49C01CD7] [SPRF][20/06/2014] (...) -- C:\Users\Cleberton\AppData\Roaming\sp_data.sys [74]
[MD5.475CDDCD3567B392267749B8E995EF73] [SPRF][23/04/2014] (...) -- C:\Users\Cleberton\AppData\Roaming\unins000.dat [17359]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "UDP Query User{7D34209D-E7D5-46BC-8092-34991B695D06}C:\users\cleberton\desktop\utorrentportable\app\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cleberton\desktop\utorrentportable\app\utorrent\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "TCP Query User{6F868F9C-41DB-4183-83ED-D04AE7B67422}C:\users\cleberton\desktop\utorrentportable\app\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\users\cleberton\desktop\utorrentportable\app\utorrent\utorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 06/04/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 06/04/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 03/12/2013 2151200 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Demand 18/06/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 11/12/2013 1050904 | (Service KMSELDI) . (...) - C:\Program Files\KMSpico\Service_KMS.exe =>PUP.KMSpico
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 05/10/2012 110976 | (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 13/04/2012 277120 | (ASUS InstantOn) . (.ASUS.) - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
SR - | Auto 19/12/2012 72192 | (Asus WebStorage Windows Service) . (...) - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Demand 01/10/2013 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SR - | Auto 06/05/2014 528424 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files (x86)\GbPlugin\gbpsv.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 24/01/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 27/06/2012 129856 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 25/06/2012 166720 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 10/06/2014 2298224 | (RLCKpEe) . (.GenTechnologies Apps, LLC.) - C:\ProgramData\UikkyU\RLCKpEe.exe
SR - | Auto 17/07/2012 365376 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 07s



---\\ Scâner Aditional (088)
Database Version : 13026 - (19/06/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 1

[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>PUP.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1] =>PUP.KMSpico^
C:\Users\Cleberton\AppData\Local\MovieMode =>PUP.MovieMode^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUP.KMSpico
C:\Program Files\KMSpico\AutoPico.exe =>PUP.KMSpico^
~ Additionnel Scan: 272232 Items scanned in 00mn 17s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.] =>.Internet Explorer, Gestão do Proxy (R5)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Browser Helper Objects do navegador (02)
~ [Você precisa estar registrado e conectado para ver este link.] =>.Aplicações iniciadas por registo & pastas (04)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>PUP.KMSpico
~ MSI: 1 link(s) detected in 00mn 00s



~ 721 Legitimates filtered by white list
End of the scan (450 lines in 00mn 43s)(0)
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sab 21 Jun 2014, 01:05

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta e nos diga como está seu PC depois disto.


Última edição por Power Max em Sab 21 Jun 2014, 01:32, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sab 21 Jun 2014, 01:13

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Asus at 21/06/2014 01:10:30
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: Service: RLCKpEe

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\programdata\uikkyu\rlckpee.exe
ELIMINÉ Temporários windows (1) (953 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
1 : Chaves do Registo
1 : Pastas
3 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 03s

========== Caminho do ficheiro do relatório ==========
C:\Users\Cleberton\AppData\Roaming\ZHP\ZHPFix[R1].txt - 21/06/2014 00:23:26 [1729]
C:\Users\Cleberton\AppData\Roaming\ZHP\ZHPFix[R2].txt - 21/06/2014 01:10:32 [1000]



OI. Mesmo fazendo isso, ainda redireciona para moviehddownloader.com/player/?.

O desemprenho do pc está bom, mas continua com esse problemas em alguns sites, sempre direcionando para moviehddownloader.com/player/?
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sab 21 Jun 2014, 01:16

Faça o download do Malwarebytes em um destes links abaixo:
[Você precisa estar registrado e conectado para ver este link.]
[Você precisa estar registrado e conectado para ver este link.]

Para instalá-lo e executá-lo corretamente siga, por gentileza, as dicas desta postagem:

Tutorial do Malwarebytes Anti-Malware

Na sua próxima resposta poste este log (relatório) do Malwarebytes.

Ficamos no aguardo.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sab 21 Jun 2014, 01:25

Oi. Eu resolvi reiniciar o pc.
E agora parece não estar mias redirecionando.
Eu preciso baixar esse outro programa ? Ou parece estar tudo certo?

E aqueles outros programas que baixei? Não tem problema de deixa-los no pc?

Obrigado msm.
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sab 21 Jun 2014, 01:30

Se no futuro for necessário, é só você executar o Malwarebytes como te indiquei no tutorial acima.

isso aí! Fico feliz que o problema tenha sido resolvido.

Só para finalizar siga estes tutoriais abaixo, por gentileza:

Excluindo erros e otimizando seu PC com o CCleaner

Elimine arquivos inúteis de seu PC com o PureRa
_______________________________________________________________________________________________________________________

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas deste tutorial.
_______________________________________________________________________________________________________________________

Foi um prazer ajudar. Conte sempre conosco!

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Underoath em Sab 21 Jun 2014, 01:49

Ok.

Obrigado.
avatar
Underoath
Iniciante
Iniciante

Mensagens : 10
Reputação : 0
Data de inscrição : 20/06/2014
Localização : Curitiba/PR

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Power Max em Sab 21 Jun 2014, 10:33

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da Equipe da Moderação solicitando o desbloqueio.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Redirecionamento de páginas!

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum