Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14412 usuários registrados
O último usuário registrado atende pelo nome de LucasDrBr

Os nossos membros postaram um total de 35075 mensagens em 3551 assuntos
Quem está conectado
1 usuário online :: Nenhum usuário registrado, Nenhum Invisível e 1 Visitante :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Julho 2017
SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Calendário Calendário

Palavras chave


CE_UmbrellaCert

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 06:11

Surgiu em meu Pc esse certificado de segurança para ser instalado, como faço para me livra dessas mensagens.
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 10:07

  Olá Fernando.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

Remova adwares e toolbars maliciosas com o Adwcleaner

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 11:53

# AdwCleaner v3.211 - Relatório criado 26/05/2014 às 11:45:56
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate  (32 bits)
# Usuário : lourinaldo - LOURINALDO-PC
# Executando de : C:\Users\lourinaldo\Downloads\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****

[#] Serviço Deletada : IePluginService
[#] Serviço Deletada : WajamUpdaterV2
[#] Serviço Deletada : winzipersvc
[#] Serviço Deletada : Wpm

***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\Ask
Pasta Deletada : C:\ProgramData\Babylon
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BitGuard
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\FreeRIP
Pasta Deletada : C:\ProgramData\IePluginService
Pasta Deletada : C:\ProgramData\SaveSenseLive
Pasta Deletada : C:\ProgramData\VisualBee
Pasta Deletada : C:\ProgramData\WPM
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files\iSafe
Pasta Deletada : C:\Program Files\SaveSenseLive
Pasta Deletada : C:\Program Files\SupTab
Pasta Deletada : C:\Program Files\WinZipper
Pasta Deletada : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Pasta Deletada : C:\Users\lourinaldo\AppData\Local\Beamrise
Pasta Deletada : C:\Users\lourinaldo\AppData\Local\DownloadGuide
Pasta Deletada : C:\Users\lourinaldo\AppData\Local\emaze
Pasta Deletada : C:\Users\lourinaldo\AppData\Local\SaveSenseLive
Pasta Deletada : C:\Users\lourinaldo\AppData\Local\VisualBeeClient
Pasta Deletada : C:\Users\lourinaldo\AppData\Local\VisualBeeExe
Pasta Deletada : C:\Users\lourinaldo\AppData\LocalLow\BabylonToolbar
Pasta Deletada : C:\Users\lourinaldo\AppData\LocalLow\DataMngr
Pasta Deletada : C:\Users\lourinaldo\AppData\LocalLow\Funmoods
Pasta Deletada : C:\Users\lourinaldo\AppData\LocalLow\VisualBee
Pasta Deletada : C:\Users\lourinaldo\AppData\Roaming\eCyber
Pasta Deletada : C:\Users\lourinaldo\AppData\Roaming\eIntaller
Pasta Deletada : C:\Users\lourinaldo\AppData\Roaming\eUpdate
Pasta Deletada : C:\Users\lourinaldo\AppData\Roaming\iSafe
Pasta Deletada : C:\Users\lourinaldo\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\lourinaldo\AppData\Roaming\VisualBee
Pasta Deletada : C:\Users\lourinaldo\AppData\Roaming\WinZipper
Pasta Deletada : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
Pasta Deletada : C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\iefogiieekeeeeaiklglonbockmhmkgd
Pasta Deletada : C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec
Arquivo Deletada : C:\Windows\system32\roboot.exe
Arquivo Deletada : C:\Users\lourinaldo\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\lourinaldo\AppData\Local\funmoods-speeddial.crx
Arquivo Deletada : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
Arquivo Deletada : C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Arquivo Deletada : C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Arquivo Deletada : C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Arquivo Deletada : C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-2.3-codedownloader
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-2.3-enabler.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-2.3-enabler
Arquivo Deletada : C:\Windows\Tasks\Plus-HD-2.3-updater.job
Arquivo Deletada : C:\Windows\System32\Tasks\Plus-HD-2.3-updater
Arquivo Deletada : C:\Windows\System32\Tasks\RunAsStdUser
Arquivo Deletada : C:\Windows\Tasks\VisualBee-enabler.job
Arquivo Deletada : C:\Windows\System32\Tasks\VisualBee-enabler

***** [ Atalhos ] *****

Atalho Desinfectada : C:\Users\lourinaldo\Desktop\Favoritos\Corinthians x Rio Claro  brcast.com.lnk

***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cloikdolicapcipfoncopeialjfhabgf
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ijblflkdjdopkpdgllkmlbgcffjbnfda
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A7E07AE-2FD4-4EBD-B063-8DC43ACBA3E0}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A7E07AE-2FD4-4EBD-B063-8DC43ACBA3E0}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE77E063-088F-40A1-8E54-3A720241F762}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE77E063-088F-40A1-8E54-3A720241F762}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{948D75C6-9204-4EA2-8F09-9B0B9EEF75CF}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{948D75C6-9204-4EA2-8F09-9B0B9EEF75CF}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B81069EA-D89A-4EDD-B1F7-5FA3485FE75A}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B81069EA-D89A-4EDD-B1F7-5FA3485FE75A}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47D539FD-8231-45D4-A0A7-F86F97977AEC}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47D539FD-8231-45D4-A0A7-F86F97977AEC}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4DFE8426-9218-43C3-80E4-FDDA5683D115}
[#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DFE8426-9218-43C3-80E4-FDDA5683D115}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\f
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\plus-hd-2_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Valor Deletedo : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Valor Deletedo : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKCU\Software\5f28ddab43ce514
Chave Deletedo : HKLM\SOFTWARE\5f28ddab43ce514
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F386E548-C533-472E-8C61-C026FB14FEA9}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4A7AAC3-D9C2-4D61-8892-5DD64B6F2078}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\BrowserMngr
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\Microsoft\Babylon
Chave Deletedo : HKCU\Software\PIP
Chave Deletedo : HKCU\Software\visualbee
Chave Deletedo : HKCU\Software\AppDataLow\Software
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\iSafe
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\Software\qone8Software
Chave Deletedo : HKLM\Software\SafetyNut
Chave Deletedo : HKLM\Software\SupTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\Software\winzipersvc
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Navegadores ] *****

-\\ Internet Explorer v9.0.8112.16457

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v29.0.1 (pt-BR)

[ Arquivo : C:\Users\lourinaldo\AppData\Roaming\Mozilla\Firefox\Profiles\kzh3385q.default-1400810480442\prefs.js ]


-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Startup_urls] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : aaaaojmikegpiepcfdkkjaplodkpfmlo
Deletedo [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
Deletedo [Extension] : bbjciahceamgodcoidkjpchnokgfpphh
Deletedo [Extension] : cjpglkicenollcignonpgiafdgfeehoj
Deletedo [Extension] : iefogiieekeeeeaiklglonbockmhmkgd
Deletedo [Extension] : ijblflkdjdopkpdgllkmlbgcffjbnfda
Deletedo [Extension] : omfoidjpeklpjhlhabhcomekbkclkbec

*************************

AdwCleaner[R0].txt - [24299 octets] - [26/05/2014 11:44:46]
AdwCleaner[S0].txt - [22222 octets] - [26/05/2014 11:45:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22283 octets] ##########
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 11:54

Qual antivirus você usa?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 12:00

Avast
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 12:01

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Seg 26 Maio 2014, 13:46, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 12:41

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by lourinaldo on 26/05/2014 at 12:19:42,43.
Microsoft Windows 7 Ultimate  6.1.7600  x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\lourinaldo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-26-151032.log 279 bytes
C:\zoek-results2014-05-26-151208.log 1383 bytes

==== System Restore Info ======================

26/05/2014 12:21:41 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\LOURIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kzh3385q.default-1400810480442\prefs.js:

Added to C:\Users\LOURIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kzh3385q.default-1400810480442\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\LOURIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kzh3385q.default-1400810480442

user.js not found
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 3);
---- FireFox user.js and prefs.js backups ----

prefs_052014_1231_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\GUT5EC.tmp deleted
C:\Program Files\GUM5EB.tmp deleted
C:\Program Files\Browser Tab Search by Ask deleted
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\22find.lnk deleted
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk deleted
C:\Users\lourinaldo\AppData\Roaming\AutoGK.ini deleted
C:\Windows\system32\config\systemprofile\AppData\Roaming\DealPly deleted
C:\PROGRA~2\FileSplitUpLoad.dll deleted
C:\PROGRA~2\boost_interprocess deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\lourinaldo\AppData\Local\avgchrome deleted
C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\novo_price_comparison.crx deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job deleted
C:\Windows\tasks\Plus-HD-2.3-firefoxinstaller.job deleted
C:\Windows\tasks\Plus-HD-2.5-chromeinstaller.job deleted
C:\Windows\tasks\Plus-HD-2.5-codedownloader.job deleted
C:\Windows\tasks\Plus-HD-2.5-enabler.job deleted
C:\Windows\tasks\Plus-HD-2.5-firefoxinstaller.job deleted
C:\Windows\tasks\Plus-HD-2.5-updater.job deleted
C:\Windows\system32\tasks\Plus-HD-2.3-chromeinstaller deleted
C:\Windows\system32\tasks\Plus-HD-2.3-firefoxinstaller deleted
C:\Windows\system32\tasks\Plus-HD-2.5-chromeinstaller deleted
C:\Windows\system32\tasks\Plus-HD-2.5-codedownloader deleted
C:\Windows\system32\tasks\Plus-HD-2.5-enabler deleted
C:\Windows\system32\tasks\Plus-HD-2.5-firefoxinstaller deleted
C:\Windows\system32\tasks\Plus-HD-2.5-updater deleted
C:\Windows\system32\tasks\Baidu PC Faster Update deleted
C:\Windows\System32\InstallUtil.InstallLog deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\LOURIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kzh3385q.default-1400810480442\extensions\firefox@mega.co.nz.xpi deleted
C:\Users\lourinaldo\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-05-26 14:46:09 2014-05-26 14:46:09 -------- dc----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2013-09-28 18:01:09 2013-09-28 18:01:27 -------- dc----w- C:\ProgramData\Baidu Security
2013-09-28 18:01:09 2013-09-28 18:01:27 -------- dc----w- C:\Users\All Users\Baidu Security

==== Files Found ======================


--- C:\zoek_backup\C_Windows_system32_tasks_Baidu PC Faster Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: -c--a-w-
File size: 3372
Created time: 2014-05-26 15:31:11
Modified time: 2013-09-28 18:01:26
MD5: 97671618836954BA395E84791DC664A6
SHA1: 6184BF18DB0B6AD12628AA2D08AED996E0B0A5E4


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3038395E-5F0F-47F3-888F-65E00CDE5A66}]
"Path"="\\Baidu PC Faster Update"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"="Baidu Hook Base"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files\\Baidu Security\\Baidu Antivirus"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\101013-15662-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-09-29 10_14_24_0849rpdata.dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\101013-15662-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-09-29 10_14_24_0849rpdata.dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [21/10/2013 10:46]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E886C}"="C:\Users\lourinaldo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi" [19/05/2014 23:30]

==== Firefox Extensions ======================

ProfilePath: C:\Users\LOURIN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kzh3385q.default-1400810480442
- YouTube Center - %ProfilePath%\extensions\jid1-cwbvBTE216jjpg@jetpack.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\lourinaldo\AppData\Roaming\Mozilla\Firefox\Profiles\kzh3385q.default-1400810480442
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
B52EFEC8EEF9A7809376795ED3699826 - C:\Users\lourinaldo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
025BBEF5A248B09BDC6684747F6EB5BC - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U55
290A0130C74ADCD4546BC6900D1665D9 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.550.14
3A9E1940B4459CC97FDCBB24FCB69004 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
0FCEAA7D12B7B0BA825E5C770B1DCA48 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
60F0C2286E9DED9F049E00D60A21ECAE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eoccbpoodnckjdnackiffhjfkogfhnhh - C:\Program Files\VDownloader\Addons\Chrome.crx[]
gbdabnfmdemcjjadpkpjibhhacggangd - C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\novo_price_comparison.crx[]
gmbbbaglfppalppkhidkpibfjnobmgkn - C:\Program Files\Google\Chrome\User Data\Default\Extensions\chrome.crx[]
hedkbjmpogijaikjjdmnfjpkohboikjg - C:\ProgramData\Download and Sa\hedkbjmpogijaikjjdmnfjpkohboikjg.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\lourinaldo\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[19/05/2014 23:30]

RealDownloader - lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
VisualBee - lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmkdohofefokfmbnlbgebdapndacfklg
Google Wallet - lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
GBBD Banco do Brasil - lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh

==== Chrome Fix ======================

C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.22find.com_0.localstorage-journal deleted successfully
C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmkdohofefokfmbnlbgebdapndacfklg deleted successfully
C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kmkdohofefokfmbnlbgebdapndacfklg_0.localstorage deleted successfully
C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kmkdohofefokfmbnlbgebdapndacfklg_0.localstorage-journal deleted successfully
C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_kmkdohofefokfmbnlbgebdapndacfklg_0 deleted successfully
C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kmkdohofefokfmbnlbgebdapndacfklg deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{125FF7AE-1A1C-E442-8F5C-35270E8C1357} Unknown  Url="Not_Found"
{258BC7BE-C72C-4DC3-9D18-E486290EEFFD} Google  Url="https://www.google.com/search?q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3363274120-5957699-924577136-1000\Software\Microsoft\Internet Explorer\SearchScopes\{125FF7AE-1A1C-E442-8F5C-35270E8C1357} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\support@vdownloader.com deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\wrc@avast.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\lourinaldo\Desktop\AdwCleaner - Atalho.lnk - C:\Users\lourinaldo\Downloads\AdwCleaner.exe
C:\Users\lourinaldo\Desktop\Continue Internet Explorer 9.0.lnk - C:\Users\lourinaldo\Downloads\Internet%20Explorer%209.0.exe
C:\Users\lourinaldo\Desktop\ConvertXtoDVD 4.lnk - C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe
C:\Users\lourinaldo\Desktop\Debug - Atalho.lnk - C:\Program Files (x86)\Megamanchristian Games\God Of War Version Pc\Debug.exe
C:\Users\lourinaldo\Desktop\Format Factory.lnk - C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\lourinaldo\Desktop\pes2010 - Atalho.lnk - C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe
C:\Users\lourinaldo\Desktop\Revo Uninstaller.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\lourinaldo\Desktop\Xadrez Master.lnk - C:\Program Files\RkSoft\Xadrez\xadrez.exe
C:\Users\lourinaldo\Desktop\µTorrent.lnk -  
C:\Users\lourinaldo\Desktop\Favoritos\Band SP  brcast.com.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] SP | brcast.com
C:\Users\lourinaldo\Desktop\Favoritos\Band SP Br Futebol.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] SP (Br Futebol)
C:\Users\lourinaldo\Desktop\Favoritos\Corinthians x Rio Claro  brcast.com.lnk - C:\Program Files\Megacubo\megacubo.exe
C:\Users\lourinaldo\Desktop\Favoritos\Corinthians x Santos  brcast.com.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] x Santos | brcast.com
C:\Users\lourinaldo\Desktop\Favoritos\ESPN Brasil Esportes TV.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] Brasil (Esportes TV)
C:\Users\lourinaldo\Desktop\Favoritos\Esporte Interativo Master TV.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] Interativo (Master TV)
C:\Users\lourinaldo\Desktop\Favoritos\Esporte Interativo NE - Nordeste.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] Interativo NE - Nordeste
C:\Users\lourinaldo\Desktop\Favoritos\Futebol Ao Vivo Vertv100antena.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] Ao Vivo (Vertv100antena)
C:\Users\lourinaldo\Desktop\Favoritos\Globo SP 1 GloboAoVivo.TV.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] SP 1 (GloboAoVivo.TV)
C:\Users\lourinaldo\Desktop\Favoritos\PFC - Premiere FC Esportes TV.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] - Premiere FC (Esportes TV)
C:\Users\lourinaldo\Desktop\Favoritos\SporTV TV Brasil.lnk - C:\Program Files\Megacubo\megacubo.exe [Você precisa estar registrado e conectado para ver este link.] (TV Brasil)

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Public\Desktop\Central de Soluções HP.lnk -  
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\GoPlayer.lnk - C:\Program Files\GoPlayer\goplayer.exe
C:\Users\Public\Desktop\Loja de Suprimentos HP.lnk - C:\Program Files\HP\HPSSUPPLY\hpqSSupply.exe
C:\Users\Public\Desktop\Megacubo.lnk - C:\Program Files\Megacubo\megacubo.exe
C:\Users\Public\Desktop\MiniTuner.lnk - C:\Program Files\Megacubo\megacubo.exe -load:tuner
C:\Users\Public\Desktop\Nero BackItUp 10.lnk - C:\Windows\Installer\{68AB6930-5BFF-4FF6-923B-516A91984FE6}\BackItUp._AB9F1F47710540918A47B78D2BED5DAD.exe
C:\Users\Public\Desktop\Nero Burning ROM 10.lnk - C:\Windows\Installer\{7A5D731D-B4B3-490E-B339-75685712BAAB}\ScBurningROMStartM_7533AE23D677474387D2A66427FA7052.exe
C:\Users\Public\Desktop\Nero StartSmart 10.lnk - C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe
C:\Users\Public\Desktop\RealPlayer.lnk - C:\program files\real\realplayer\realplay.exe /launch:desktop
C:\Users\Public\Desktop\Unreal Tournament 2004.lnk - C:\Program Files\Unreal Tournament 2004\System\UT2004.exe

==== shortcuts in Users Start Menu ======================

C:\Users\lourinaldo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -  
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Grand Theft Auto™ Vice City.lnk -  

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AAA Logo.lnk - C:\Program Files\AAALOGO\alogo.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk - C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Megacubo.lnk - C:\Program Files\Megacubo\megacubo.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\pes2010 - Atalho.lnk - C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\µTorrent (2).lnk -  
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Megacubo.lnk - C:\Program Files\Megacubo\megacubo.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\lourinaldo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eoccbpoodnckjdnackiffhjfkogfhnhh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gbdabnfmdemcjjadpkpjibhhacggangd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gmbbbaglfppalppkhidkpibfjnobmgkn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hedkbjmpogijaikjjdmnfjpkohboikjg deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee for Microsoft PowerPoint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSafeSysTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tok-Cirrhatus deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VDownloader deleted successfully

==== Empty IE Cache ======================

C:\Users\lourinaldo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\lourinaldo\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lourinaldo\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lourinaldo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\lourinaldo\AppData\Local\Mozilla\Firefox\Profiles\kzh3385q.default-1400810480442\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=195 folders=27 108554948 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\lourinaldo\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\LOURIN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\lourinaldo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 26/05/2014 at 12:39:45,31 ======================
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 13:45

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Seg 26 Maio 2014, 15:50, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 14:32

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by lourinaldo on 26/05/2014 at 14:25:03,95.
Microsoft Windows 7 Ultimate  6.1.7600  x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\lourinaldo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-26-151032.log 279 bytes
C:\zoek-results2014-05-26-151208.log 1383 bytes
C:\zoek-results2014-05-26-153945.log 33772 bytes

==== System Restore Info ======================

26/05/2014 14:26:09 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bhbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3038395E-5F0F-47F3-888F-65E00CDE5A66}]
"Path"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3038395E-5F0F-47F3-888F-65E00CDE5A66}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BHBASE\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bhbase]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\101013-15662-01.dmp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-09-29 10_14_24_0849rpdata.dat"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\101013-15662-01.dmp]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-09-29 10_14_24_0849rpdata.dat"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Baidu Security deleted

==== Folders Found ======================

2014-05-26 14:46:09 2014-05-26 14:46:09 -------- dc----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-26 17:28:01 2014-05-26 17:28:01 -------- dc--a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-05-26 17:28:01 2014-05-26 17:28:01 -------- dc--a-w- C:\zoek_backup\C_Users_All Users_Baidu Security

==== Files Found ======================


--- C:\zoek_backup\C_Windows_system32_tasks_Baidu PC Faster Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: -c--a-w-
File size: 3372
Created time: 2014-05-26 15:31:11
Modified time: 2013-09-28 18:01:26
MD5: 97671618836954BA395E84791DC664A6
SHA1: 6184BF18DB0B6AD12628AA2D08AED996E0B0A5E4


==== Registry Search Results for "Baidu" ======================


[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=195 folders=35 108555094 bytes)

==== EOF on 26/05/2014 at 14:30:17,35 ======================
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 14:39

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Seg 26 Maio 2014, 15:50, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 14:58

Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by lourinaldo on 26/05/2014 at 14:53:59,16.
Microsoft Windows 7 Ultimate  6.1.7600  x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\lourinaldo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-26-151032.log 279 bytes
C:\zoek-results2014-05-26-151208.log 1383 bytes
C:\zoek-results2014-05-26-153945.log 33772 bytes
C:\zoek-results2014-05-26-173017.log 10362 bytes

==== System Restore Info ======================

26/05/2014 14:54:28 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Registry Search Results for "Baidu" ======================

No instances of string "Baidu" found.

==== C:\zoek_backup content ======================

C:\zoek_backup (files=195 folders=35 108555094 bytes)

==== EOF on 26/05/2014 at 14:55:37,76 ======================
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 15:31

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 15:46

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by lourinaldo on 26/05/2014 at 15:41:51,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3363274120-5957699-924577136-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3363274120-5957699-924577136-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311341138}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311391106}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\lourinaldo\AppData\Roaming\mozilla\firefox\profiles\kzh3385q.default-1400810480442\minidumps [1 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26/05/2014 at 15:44:37,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 15:49

Faça o download do < ZHPDiag2.exe > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 16:05

~ Relatório do ZHPDiag v2014.5.24.73 - Nicolas Coolman  (24/05/2014)
~ Iniciado por lourinaldo (26/05/2014 16:02:45)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 29.0.1 (Defaut)
GCIE: Google Chrome v35.0.1916.114

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v8.0.1483.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v3.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 34 GB (11%) free of 298 GB

---\\ Modo de conexão ao sistema
~ Computer Name: LOURINALDO-PC
~ User Name: lourinaldo
~ All Users Names: lourinaldo, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\lourinaldo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lourinaldo\AppData\Roaming\
~ %Desktop% : C:\Users\lourinaldo\Desktop\
~ %Favorites% : C:\Users\lourinaldo\Favorites\
~ %LocalAppData% : C:\Users\lourinaldo\AppData\Local\
~ %StartMenu% : C:\Users\lourinaldo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 34 Go of 298 Go)
D: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: Hard drive, Flash drive, Thumb drive (Free 4 Go of 466 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.7FA3A810F383588D46220967DE8B64FF] - (.Microsoft Corporation - Internet Extensions para Win32.) (.28/01/2013 - 20:25:13.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/7
~ Mes musiques (My Musics) : 1/3423
~ Mes Videos (My Videos) : 1/119
~ Mes Favoris (My Favorites) : 1/32
~ Mes Documents (My Documents) : 1/136
~ Mon Bureau (My Desktop) : 1/783
~ Menu demarrer (Programs) : 1/31
~ Hidden Files:  Scanned in 00mn 03s



---\\ Processos lançados
[MD5.FD27F32A38E991E1BC45ABCE247DF382] - (.Beijing Xing Technology Co., Ltd. - Windows Update services.) -- C:\Program Files\Software Plate\svcgdp.exe   [92800] [PID.900]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe   [45248] [PID.1404]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1664]
[MD5.96EFEC24346A8EB1157E80523079ADDC] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe   [39056] [PID.1908]
[MD5.B9FAFB1A036913B493F1E9D0C6324D2D] - (.VIA Technologies, Inc. - Service binary.) -- C:\Windows\system32\viakaraokesrv.exe   [27760] [PID.2028]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe   [4767304] [PID.2876]
[MD5.B5EE33F5A539036E93A806D65968093C] - (.No owner - WYunpeng MFC Application.) -- C:\Windows\USB Vibration\7906\USB Gamepad.exe   [704512] [PID.2892]
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe   [295512] [PID.2916]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [254336] [PID.2980]
[MD5.60E844AE5920B75399DDBD9F3AE1C7A0] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   [1272400] [PID.3000]  =>P2P.BitTorrent
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe   [53784] [PID.2308]
[MD5.0DA891CB0703D912CEAFA072F54D002B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [275568] [PID.1088]
[MD5.28B02EA673489A4EFBB20A9B302D523C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [18544] [PID.3104]
[MD5.038053B5DB6B0DCFB32B7682334B7625] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe   [1863856] [PID.884]
[MD5.4FDF8F99557B275A3B5BF797761C7504] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7879168] [PID.3772]
[MD5.4C287F9069FEDBD791178876EE9DE536] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe   [3179520] [PID.2340]
~ Processes Running:  Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\lourinaldo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.GAS Tecnologia - Internet Banking Helper.) (No version) -- (.not file.)
~ IE Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
~ BHO: 18 Legitimates Filtered in 00mn 00s



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{610AF794-9293-4129-9FAF-A81BBDFBFA14} Chave orfã
~ Toolbar:  Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [lourinaldo]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Desktop [lourinaldo]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [USB Gamepad] . (.No owner - WYunpeng MFC Application.) -- C:\Windows\USB Vibration\7906\USB Gamepad.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe   =>.RealNetworks, Inc
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3363274120-5957699-924577136-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll  =>.Microsoft Corporation
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FAC8FEB-1106-4DB3-9009-440663102F7B}: NameServer = 94.242.222.14
O17 - HKLM\System\CS1\Services\Tcpip\..\{8FAC8FEB-1106-4DB3-9009-440663102F7B}: NameServer = 94.242.222.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{8FAC8FEB-1106-4DB3-9009-440663102F7B}: NameServer = 94.242.222.14
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll  =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify:  GbPluginBb . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: software services (svcgdp) . (.Beijing Xing Technology Co., Ltd. - Windows Update services.) - C:\Program Files\Software Plate\svcgdp.exe
~ Services: 5 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [{11B35BCA-B1DE-4D75-AB07-04C101D4B89D}] (...) -- C:\Users\lourinaldo\Office 2013\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{293169D1-76F8-48DA-B044-212FD3346266}] (...) -- C:\Users\lourinaldo\Office 2013\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{31D893E1-C143-4E62-B0E2-D421892FEB01}] (...) -- C:\Users\lourinaldo\Fernando\Fastboot - aj\Drivers LG P350F\Driver - 01.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{B29FC4FB-D1E8-4CF9-9662-28934C717AC2}] (...) -- C:\Users\lourinaldo\Office 2013\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{C4720945-5B71-42EF-BF1C-C482B7D1DF35}] (...) -- C:\Users\lourinaldo\Office 2013\setup.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\Tasks\AutoKMS.job   [210]  =>Trojan.Keygen
O39 - APT:  - (..) -- C:\Windows\Tasks\AutoKMSDaily.job   [204]  =>Trojan.Keygen
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1060]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1064]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\VisualBee-chromeinstaller   [1948]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\VisualBee-codedownloader   [1256]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\VisualBee-firefoxinstaller   [1872]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\VisualBee-updater   [1250]  =>PUP.CrossRider
~ Scheduled Task: 38 Legitimates Filtered in 00mn 03s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKCU] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: GoPlayer versão 3.6.3 - (.My Company, Inc..) [HKLM] -- {CE67AE10-CBE9-44ED-80C3-80044B560676}_is1
O42 - Logiciel: Xadrez Master 5.8.6 - (.RkSoft Desenvolvimentos.) [HKLM] -- Xadrez Master_is1
~ Logic: 16 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\GbAs]
[HKCU\Software\GoPlayer]
[HKCU\Software\Install]
[HKCU\Software\RkSoft]
[HKLM\Software\360Safe]
[HKLM\Software\GoPlayer]
[HKLM\Software\VBMZ]  =>PUP.Duuqu
~ Key Software: 229 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 26/05/2014 - 16:02:35 - [] ----D C:\Program Files\GoPlayer
O43 - CFD: 05/10/2012 - 22:02:50 - [] ----D C:\Program Files\RkSoft
O43 - CFD: 26/05/2014 - 16:02:35 - [] ----D C:\Users\lourinaldo\AppData\Roaming\GoPlayer
O43 - CFD: 06/05/2014 - 15:51:33 - [] ----D C:\Users\lourinaldo\AppData\Roaming\MailUpdate
O43 - CFD: 23/08/2012 - 15:28:59 - [0] ----D C:\Users\lourinaldo\AppData\Local\Bron.tok-12-23  =>Worm.Brontok
O43 - CFD: 23/08/2012 - 19:43:01 - [] ----D C:\Users\lourinaldo\AppData\Local\Loc.Mail.Bron.Tok  =>Worm.Brontok
O43 - CFD: 23/08/2012 - 15:39:12 - [0] ----D C:\Users\lourinaldo\AppData\Local\Ok-SendMail-Bron-tok  =>Worm.Brontok
~ Program Folder: 161 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.58BA4FCB6F95B8F3DF221637B1B4CA00] - 14/05/2014 - 19:28:06 ---A- . (...) -- C:\Windows\IE11_main.log   [1218]
O44 - LFC:[MD5.7C08F4F0617AC7D6A989555AEF526EFE] - 15/05/2014 - 15:07:52 ---A- . (...) -- C:\Windows\DirectX.log   [1744]
O44 - LFC:[MD5.C505B7488EB5794FBDCF69DEED2D330B] - 23/05/2014 - 21:24:44 ---A- . (...) -- C:\Windows\System32\jupdate-1.7.0_55-b14.log   [5428]
O44 - LFC:[MD5.473C7D8B8CAE6A67C6487B1D1BD7F3FB] - 25/05/2014 - 11:33:59 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [145668]
O44 - LFC:[MD5.4B4A3B1FC5691B208E2E33B7E5B0C6D7] - 25/05/2014 - 11:33:59 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [702882]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 26/05/2014 - 11:45:28 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll   [536576]
O44 - LFC:[MD5.51B2FD02E5BFFC5938E14833996A87D2] - 26/05/2014 - 12:10:32 ---A- . (...) -- C:\zoek-results2014-05-26-151032.log   [279]
O44 - LFC:[MD5.23773F32306AEF75218518CD582C9B64] - 26/05/2014 - 12:12:08 ---A- . (...) -- C:\zoek-results2014-05-26-151208.log   [1383]
O44 - LFC:[MD5.0AEC513713FC6CEDB541111C92F6F5DC] - 26/05/2014 - 12:39:45 ---A- . (...) -- C:\zoek-results2014-05-26-153945.log   [33772]
O44 - LFC:[MD5.2178C875925D18E82526778FCE2E1C2C] - 26/05/2014 - 14:30:17 ---A- . (...) -- C:\zoek-results2014-05-26-173017.log   [10362]
O44 - LFC:[MD5.460DF34E9ABED9D39AA0EB8D3D00546F] - 26/05/2014 - 14:55:37 ---A- . (...) -- C:\zoek-results.log   [1613]
~ Files: 24 Legitimates Filtered in 00mn 02s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\NTRedirect  [Key] . (...) -- C:\Users\lourinaldo\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (.not file.)  =>Hijacker.BabSolution
~ SMSR Keys: 12 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 2 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys   [146304]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys   [54912]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys   [23168]
O58 - SDL:21/08/2012 - 19:12:18 R--A- . (.360安全中心 - 360安全卫士 - SelfProtection.) -- C:\Windows\System32\Drivers\360SpOEM.sys   [64048]
O58 - SDL:28/06/2010 - 17:33:13 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\Windows\System32\Drivers\aswRdr.sys   [23376]
O58 - SDL:06/03/2013 - 20:33:24 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [49248]  =>.ALWIL Software
O58 - SDL:06/03/2013 - 20:33:24 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [164736]  =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys   [49536]
O58 - SDL:27/02/2014 - 07:52:44 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys   [29400]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:08/05/2014 - 02:41:45 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys   [38912]  =>Trojan.Staser
O58 - SDL:26/12/2006 - 09:30:20 R--A- . (.Windows (R) Codename Longhorn DDK provider - Generic Port I/O.) -- C:\Windows\System32\Drivers\PortIo.sys   [6656]
O58 - SDL:25/08/2012 - 18:54:02 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys   [477240]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:23/08/2012 - 23:17:30 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys   [13024]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
O58 - SDL:04/10/2010 - 20:59:32 ---A- . (...) -- C:\Windows\System32\StarOpen.sys   [5632]
~ Drivers: 85 Legitimates Filtered in 00mn 12s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 08/05/2013 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm)  .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
O64 - Services: CurCS - 25/08/2012 - C:\Windows\system32\Drivers\sptd.sys (sptd)  .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
~ Legacy: 92 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\program files\google\chrome\application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {258BC7BE-C72C-4DC3-9D18-E486290EEFFD} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.254FBCA565E049648B0CCE2CEADF05D2] [SPRF][25/08/2012] (...) -- C:\Users\lourinaldo\AppData\Roaming\inst.exe   [87608]
[MD5.2BA7812EB265CABD4C588C04F82775F2] [SPRF][12/10/2013] (...) -- C:\Users\lourinaldo\AppData\Roaming\unins000.dat   [17551]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][26/05/2014] (...) -- C:\Users\lourinaldo\Desktop\zoek.exe   [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{7D324738-6CBA-4AF4-9586-B27CB3A4EE1B}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{51786F39-6D7E-41CF-8830-0502D981059A}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{9B8FEF49-19EB-471D-A128-E5864A3B9DE3}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{6ED38748-3FBE-411D-AD34-41E3732F8F90}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 01s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS:  - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A91D34375B4647FF0F57E8076EC72B1B] [WIS][08/08/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\116d134.msi   [343040]  =>PUP.Babylon
[MD5.9419559E26D53CC34862DF9B558A2917] [WIS][30/10/2012] (.Babylon Ltd - Babylon Chrome Toolbar.) -- C:\Windows\Installer\e9a943.msi   [354816]  =>PUP.Babylon
~ WIS: 2 Legitimates Filtered in 00mn 03s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BeamriseSetup_RASAPI32  =>Hijacker.Beamrise
HKLM\SOFTWARE\Microsoft\Tracing\BeamriseSetup_RASMANCS  =>Hijacker.Beamrise
HKLM\SOFTWARE\Microsoft\Tracing\biSetup35361_RASAPI32  =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\biSetup35361_RASMANCS  =>Adware.MegaSearch
HKLM\SOFTWARE\Microsoft\Tracing\delta-homes_RASAPI32  =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Microsoft\Tracing\delta-homes_RASMANCS  =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Microsoft\Tracing\deskSvc_RASAPI32  =>Hijacker.22Find
HKLM\SOFTWARE\Microsoft\Tracing\deskSvc_RASMANCS  =>Hijacker.22Find
HKLM\SOFTWARE\Microsoft\Tracing\DiVapton_Setup_RASAPI32  =>PUP.DiVapton
HKLM\SOFTWARE\Microsoft\Tracing\DiVapton_Setup_RASMANCS  =>PUP.DiVapton
HKLM\SOFTWARE\Microsoft\Tracing\DiVapton_sm_RASAPI32  =>PUP.DiVapton
HKLM\SOFTWARE\Microsoft\Tracing\DiVapton_sm_RASMANCS  =>PUP.DiVapton
HKLM\SOFTWARE\Microsoft\Tracing\googletoolbarinstaller_full_signed_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\googletoolbarinstaller_full_signed_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_8CA8B41417E66DEB_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_8CA8B41417E66DEB_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\iSafeSvc2_RASAPI32  =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafeSvc2_RASMANCS  =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafeUpdate_RASAPI32  =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafeUpdate_RASMANCS  =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafe_RASAPI32  =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\iSafe_RASMANCS  =>Trojan.Staser
HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_BrowserTabSearch_RASAPI32  =>PUP.Datamngr
HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_BrowserTabSearch_RASMANCS  =>PUP.Datamngr
HKLM\SOFTWARE\Microsoft\Tracing\updateDiVapton_RASAPI32  =>PUP.DiVapton
HKLM\SOFTWARE\Microsoft\Tracing\updateDiVapton_RASMANCS  =>PUP.DiVapton
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-32-build-27708-baixaki-32-bits_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-32-build-27708-baixaki-32-bits_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\vbmz11_RASAPI32  =>PUP.Duuqu
HKLM\SOFTWARE\Microsoft\Tracing\vbmz11_RASMANCS  =>PUP.Duuqu
HKLM\SOFTWARE\Microsoft\Tracing\VisualBee-codedownloader_RASAPI32  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Microsoft\Tracing\VisualBee-codedownloader_RASMANCS  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Microsoft\Tracing\VisualBee-updater_RASAPI32  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Microsoft\Tracing\VisualBee-updater_RASMANCS  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Microsoft\Tracing\visualbee_RASAPI32  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Microsoft\Tracing\visualbee_RASMANCS  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdaterV2_RASAPI32  =>PUP.Wajam
HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdaterV2_RASMANCS  =>PUP.Wajam
~ BTK: 516 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 25/05/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 23/08/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/08/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2014 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 25/03/2010 490280 |  (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SR - | Auto 21/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 06/03/2013 45248 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/08/2013 39056 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 24/09/2012 92800 |  (svcgdp) . (.Beijing Xing Technology Co., Ltd..) - C:\Program Files\Software Plate\svcgdp.exe
SR - | Auto 04/05/2012 27760 |  (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 09s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:25/08/2012 - 18:54:02 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys   [477240]
~ Emulateurs:  Scanned in 00mn 09s



---\\ Scâner Aditional (088)
Database Version : 13029 - (24/05/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 3
Dossiers trouvés  (Folders found) : 4
Fichiers trouvés  (Files found) : 9

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\NTRedirect]   =>Hijacker.BabSolution^
[HKLM\Software\VBMZ]   =>Toolbar.Conduit
[HKLM\Software\360Safe]   =>Trojan.Lozavita
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{66F57190-01EB-45A6-8260-7895267209F7}]   =>Adware.VisualBeeToolbar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{610AF794-9293-4129-9FAF-A81BBDFBFA14}]   =>Adware.VisualBeeToolbar
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126}]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341138}]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311391106}]   =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent   =>P2P.BitTorrent^
C:\Users\lourinaldo\AppData\Local\Bron.tok-12-23   =>Worm.Brontok^
C:\Users\lourinaldo\AppData\Local\Loc.Mail.Bron.Tok   =>Worm.Brontok^
C:\Users\lourinaldo\AppData\Local\Ok-SendMail-Bron-tok   =>Worm.Brontok^
C:\Users\lourinaldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec   =>PUP.CrossRider
C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent^
C:\Windows\Tasks\AutoKMS.job   =>Trojan.Keygen^
C:\Windows\Tasks\AutoKMSDaily.job   =>Trojan.Keygen^
C:\Windows\System32\Tasks\VisualBee-chromeinstaller   =>PUP.CrossRider^
C:\Windows\System32\Tasks\VisualBee-codedownloader   =>PUP.CrossRider^
C:\Windows\System32\Tasks\VisualBee-firefoxinstaller   =>PUP.CrossRider^
C:\Windows\System32\Tasks\VisualBee-updater   =>PUP.CrossRider^
C:\Windows\Installer\116d134.msi   =>PUP.Babylon^
C:\Windows\Installer\e9a943.msi   =>PUP.Babylon^
~ Additionnel Scan: 251122 Items scanned in 00mn 23s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.CrossRider
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Duuqu
[Você precisa estar registrado e conectado para ver este link.]  =>Worm.Brontok
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.BabSolution
[Você precisa estar registrado e conectado para ver este link.]  =>Trojan.Staser
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Babylon
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Beamrise
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.MegaSearch
[Você precisa estar registrado e conectado para ver este link.]  =>Toolbar.DeltaSearch
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.22Find
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.DiVapton
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Datamngr
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.VisualBeeToolbar
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Wajam
[Você precisa estar registrado e conectado para ver este link.]  =>Toolbar.Conduit
[Você precisa estar registrado e conectado para ver este link.]  =>Trojan.Lozavita
~ MSI: 16 link(s) detected in 00mn 00s



~ 763 Legitimates filtered by white list
End of the scan (582 lines in 01mn 15s)(0)
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 16:24

 Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

Escolhendo Programas que Iniciam com o PC

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC agora e de tempos em tempos.
_____________________________________________________________________________________________________________

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Seg 26 Maio 2014, 17:59, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 16:43

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by lourinaldo at 26/05/2014 16:42:11
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit  (Build 7600)

Reciclagem vazia (00mn 06s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ: HKLM\Software\360Safe
ELIMINÉ: HKLM\Software\VBMZ
ELIMINÉ:  StartupReg: NTRedirect
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BeamriseSetup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\BeamriseSetup_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\biSetup35361_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\biSetup35361_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\deskSvc_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\deskSvc_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\DiVapton_Setup_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\DiVapton_Setup_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\DiVapton_sm_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\DiVapton_sm_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\iSafeSvc2_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\iSafeSvc2_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\iSafeUpdate_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\iSafeUpdate_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\iSafe_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\iSafe_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_BrowserTabSearch_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_BrowserTabSearch_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\updateDiVapton_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\updateDiVapton_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\vbmz11_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\vbmz11_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\VisualBee-codedownloader_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\VisualBee-codedownloader_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\VisualBee-updater_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\VisualBee-updater_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\visualbee_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\visualbee_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdaterV2_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdaterV2_RASMANCS
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{66F57190-01EB-45A6-8260-7895267209F7}
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{610AF794-9293-4129-9FAF-A81BBDFBFA14}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341138}
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311391106}

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {610AF794-9293-4129-9FAF-A81BBDFBFA14}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\system32\tasks\visualbee-chromeinstaller
ELIMINÉ: c:\windows\system32\tasks\visualbee-codedownloader
ELIMINÉ: c:\windows\system32\tasks\visualbee-firefoxinstaller
ELIMINÉ: c:\windows\system32\tasks\visualbee-updater
ELIMINÉ: c:\windows\system32\drivers\isafekrnlboot.sys
ELIMINÉ: C:\Windows\Installer\116d134.msi
ELIMINÉ: C:\Windows\Installer\e9a943.msi
ELIMINÉ Temporários windows (118) (1.910.878 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: {11B35BCA-B1DE-4D75-AB07-04C101D4B89D}
ELIMINÉ: {293169D1-76F8-48DA-B044-212FD3346266}
ELIMINÉ: {31D893E1-C143-4E62-B0E2-D421892FEB01}
ELIMINÉ: {B29FC4FB-D1E8-4CF9-9662-28934C717AC2}
ELIMINÉ: {C4720945-5B71-42EF-BF1C-C482B7D1DF35}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
38 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
9 : Ficheiros
5 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 59s

========== Caminho do ficheiro do relatório ==========
C:\Users\lourinaldo\AppData\Roaming\ZHP\ZHPFix[R1].txt - 26/05/2014 16:42:17 [4487]
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 16:44

 Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 16:59

~ Relatório do ZHPDiag v2014.5.24.73 - Nicolas Coolman  (24/05/2014)
~ Iniciado por lourinaldo (26/05/2014 16:56:36)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 29.0.1 (Defaut)
GCIE: Google Chrome v35.0.1916.114

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 32-bit  (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v8.0.1483.0
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v3.14

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2038 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 32 GB (10%) free of 298 GB

---\\ Modo de conexão ao sistema
~ Computer Name: LOURINALDO-PC
~ User Name: lourinaldo
~ All Users Names: lourinaldo, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\lourinaldo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lourinaldo\AppData\Roaming\
~ %Desktop% : C:\Users\lourinaldo\Desktop\
~ %Favorites% : C:\Users\lourinaldo\Favorites\
~ %LocalAppData% : C:\Users\lourinaldo\AppData\Local\
~ %StartMenu% : C:\Users\lourinaldo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 32 Go of 298 Go)
D: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: Hard drive, Flash drive, Thumb drive (Free 4 Go of 466 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.7FA3A810F383588D46220967DE8B64FF] - (.Microsoft Corporation - Internet Extensions para Win32.) (.28/01/2013 - 20:25:13.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/7
~ Mes musiques (My Musics) : 1/3423
~ Mes Videos (My Videos) : 1/119
~ Mes Favoris (My Favorites) : 1/32
~ Mes Documents (My Documents) : 1/136
~ Mon Bureau (My Desktop) : 1/784
~ Menu demarrer (Programs) : 1/31
~ Hidden Files:  Scanned in 00mn 01s



---\\ Processos lançados
[MD5.FD27F32A38E991E1BC45ABCE247DF382] - (.Beijing Xing Technology Co., Ltd. - Windows Update services.) -- C:\Program Files\Software Plate\svcgdp.exe   [92800] [PID.900]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe   [45248] [PID.1404]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1664]
[MD5.96EFEC24346A8EB1157E80523079ADDC] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe   [39056] [PID.1908]
[MD5.B9FAFB1A036913B493F1E9D0C6324D2D] - (.VIA Technologies, Inc. - Service binary.) -- C:\Windows\system32\viakaraokesrv.exe   [27760] [PID.2028]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe   [4767304] [PID.2876]
[MD5.B5EE33F5A539036E93A806D65968093C] - (.No owner - WYunpeng MFC Application.) -- C:\Windows\USB Vibration\7906\USB Gamepad.exe   [704512] [PID.2892]
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe   [295512] [PID.2916]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [254336] [PID.2980]
[MD5.60E844AE5920B75399DDBD9F3AE1C7A0] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   [1272400] [PID.3000]  =>P2P.BitTorrent
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe   [53784] [PID.2308]
[MD5.0DA891CB0703D912CEAFA072F54D002B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [275568] [PID.4372]
[MD5.4FDF8F99557B275A3B5BF797761C7504] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7879168] [PID.5008]
[MD5.4C287F9069FEDBD791178876EE9DE536] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe   [3179520] [PID.5488]
~ Processes Running:  Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/bb] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\lourinaldo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll
~ Firefox Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.GAS Tecnologia - Internet Banking Helper.) (No version) -- (.not file.)
~ IE Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects do navegador (02)
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
~ BHO: 18 Legitimates Filtered in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [lourinaldo]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - GS\Desktop [lourinaldo]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.)  -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Global Startup: 2 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3363274120-5957699-924577136-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll  =>.Microsoft Corporation
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll  =>.Microsoft Corporation
O9 - Extra button: Exibir ou ocultar HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FAC8FEB-1106-4DB3-9009-440663102F7B}: NameServer = 94.242.222.14
O17 - HKLM\System\CS1\Services\Tcpip\..\{8FAC8FEB-1106-4DB3-9009-440663102F7B}: NameServer = 94.242.222.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{8FAC8FEB-1106-4DB3-9009-440663102F7B}: NameServer = 94.242.222.14
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll  =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify:  GbPluginBb . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: software services (svcgdp) . (.Beijing Xing Technology Co., Ltd. - Windows Update services.) - C:\Program Files\Software Plate\svcgdp.exe
~ Services: 5 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\Tasks\AutoKMS.job   [210]  =>Trojan.Keygen
O39 - APT:  - (..) -- C:\Windows\Tasks\AutoKMSDaily.job   [204]  =>Trojan.Keygen
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1060]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1064]
~ Scheduled Task: 25 Legitimates Filtered in 00mn 01s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver:  (Ndisrd) . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) - C:\Windows\System32\DRIVERS\gbpndisrdn.sys
~ Drivers: 69 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: GBBD Banco do Brasil - (...) [HKCU] -- {36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1
O42 - Logiciel: GoPlayer versão 3.6.3 - (.My Company, Inc..) [HKLM] -- {CE67AE10-CBE9-44ED-80C3-80044B560676}_is1
O42 - Logiciel: Xadrez Master 5.8.6 - (.RkSoft Desenvolvimentos.) [HKLM] -- Xadrez Master_is1
~ Logic: 16 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\GbAs]
[HKCU\Software\GoPlayer]
[HKCU\Software\Install]
[HKCU\Software\RkSoft]
[HKLM\Software\GoPlayer]
~ Key Software: 227 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 26/05/2014 - 16:56:38 - [] ----D C:\Program Files\GoPlayer
O43 - CFD: 05/10/2012 - 22:02:50 - [] ----D C:\Program Files\RkSoft
O43 - CFD: 26/05/2014 - 16:56:38 - [] ----D C:\Users\lourinaldo\AppData\Roaming\GoPlayer
O43 - CFD: 06/05/2014 - 15:51:33 - [] ----D C:\Users\lourinaldo\AppData\Roaming\MailUpdate
~ Program Folder: 158 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.58BA4FCB6F95B8F3DF221637B1B4CA00] - 14/05/2014 - 19:28:06 ---A- . (...) -- C:\Windows\IE11_main.log   [1218]
O44 - LFC:[MD5.7C08F4F0617AC7D6A989555AEF526EFE] - 15/05/2014 - 15:07:52 ---A- . (...) -- C:\Windows\DirectX.log   [1744]
O44 - LFC:[MD5.C505B7488EB5794FBDCF69DEED2D330B] - 23/05/2014 - 21:24:44 ---A- . (...) -- C:\Windows\System32\jupdate-1.7.0_55-b14.log   [5428]
O44 - LFC:[MD5.473C7D8B8CAE6A67C6487B1D1BD7F3FB] - 25/05/2014 - 11:33:59 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [145668]
O44 - LFC:[MD5.4B4A3B1FC5691B208E2E33B7E5B0C6D7] - 25/05/2014 - 11:33:59 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [702882]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 26/05/2014 - 11:45:28 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll   [536576]
O44 - LFC:[MD5.51B2FD02E5BFFC5938E14833996A87D2] - 26/05/2014 - 12:10:32 ---A- . (...) -- C:\zoek-results2014-05-26-151032.log   [279]
O44 - LFC:[MD5.23773F32306AEF75218518CD582C9B64] - 26/05/2014 - 12:12:08 ---A- . (...) -- C:\zoek-results2014-05-26-151208.log   [1383]
O44 - LFC:[MD5.0AEC513713FC6CEDB541111C92F6F5DC] - 26/05/2014 - 12:39:45 ---A- . (...) -- C:\zoek-results2014-05-26-153945.log   [33772]
O44 - LFC:[MD5.2178C875925D18E82526778FCE2E1C2C] - 26/05/2014 - 14:30:17 ---A- . (...) -- C:\zoek-results2014-05-26-173017.log   [10362]
O44 - LFC:[MD5.460DF34E9ABED9D39AA0EB8D3D00546F] - 26/05/2014 - 14:55:37 ---A- . (...) -- C:\zoek-results.log   [1613]
~ Files: 24 Legitimates Filtered in 00mn 01s



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll
~ ShellExecuteHooks:  Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 2 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys   [146304]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360HookOem.) -- C:\Windows\System32\Drivers\360HookOem.sys   [54912]
O58 - SDL:31/05/2012 - 21:21:04 R--A- . (.360安全中心 - 360RegOem.) -- C:\Windows\System32\Drivers\360RegOem.sys   [23168]
O58 - SDL:21/08/2012 - 19:12:18 R--A- . (.360安全中心 - 360安全卫士 - SelfProtection.) -- C:\Windows\System32\Drivers\360SpOEM.sys   [64048]
O58 - SDL:28/06/2010 - 17:33:13 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\Windows\System32\Drivers\aswRdr.sys   [23376]
O58 - SDL:06/03/2013 - 20:33:24 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [49248]  =>.ALWIL Software
O58 - SDL:06/03/2013 - 20:33:24 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [164736]  =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:08/05/2013 - 09:52:48 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\System32\Drivers\gbpkm.sys   [49536]
O58 - SDL:27/02/2014 - 07:52:44 ---A- . (.GAS Tecnologia - GAS Tecnologia - LWF Helper Driver.) -- C:\Windows\System32\Drivers\gbpndisrdn.sys   [29400]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:26/12/2006 - 09:30:20 R--A- . (.Windows (R) Codename Longhorn DDK provider - Generic Port I/O.) -- C:\Windows\System32\Drivers\PortIo.sys   [6656]
O58 - SDL:25/08/2012 - 18:54:02 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys   [477240]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:23/08/2012 - 23:17:30 ---A- . (...) -- C:\Windows\System32\Drivers\SWDUMon.sys   [13024]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
O58 - SDL:04/10/2010 - 20:59:32 ---A- . (...) -- C:\Windows\System32\StarOpen.sys   [5632]
~ Drivers: 84 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 08/05/2013 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm)  .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
O64 - Services: CurCS - 25/08/2012 - C:\Windows\system32\Drivers\sptd.sys (sptd)  .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
~ Legacy: 92 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- c:\program files\google\chrome\application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {258BC7BE-C72C-4DC3-9D18-E486290EEFFD} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.254FBCA565E049648B0CCE2CEADF05D2] [SPRF][25/08/2012] (...) -- C:\Users\lourinaldo\AppData\Roaming\inst.exe   [87608]
[MD5.2BA7812EB265CABD4C588C04F82775F2] [SPRF][12/10/2013] (...) -- C:\Users\lourinaldo\AppData\Roaming\unins000.dat   [17551]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][26/05/2014] (...) -- C:\Users\lourinaldo\Desktop\zoek.exe   [1285120]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{7D324738-6CBA-4AF4-9586-B27CB3A4EE1B}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{51786F39-6D7E-41CF-8830-0502D981059A}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{9B8FEF49-19EB-471D-A128-E5864A3B9DE3}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{6ED38748-3FBE-411D-AD34-41E3732F8F90}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 00s



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS:  - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\delta-homes_RASAPI32  =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Microsoft\Tracing\delta-homes_RASMANCS  =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Microsoft\Tracing\googletoolbarinstaller_full_signed_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\googletoolbarinstaller_full_signed_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_8CA8B41417E66DEB_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarManager_8CA8B41417E66DEB_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-32-build-27708-baixaki-32-bits_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent-32-build-27708-baixaki-32-bits_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS  =>P2P.µTorrent
~ BTK: 486 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 25/05/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 23/08/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/08/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2014 119408 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 25/03/2010 490280 |  (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SR - | Auto 21/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 06/03/2013 45248 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/08/2013 39056 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 24/09/2012 92800 |  (svcgdp) . (.Beijing Xing Technology Co., Ltd..) - C:\Program Files\Software Plate\svcgdp.exe
SR - | Auto 04/05/2012 27760 |  (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 07s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:25/08/2012 - 18:54:02 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys   [477240]
~ Emulateurs:  Scanned in 00mn 07s



---\\ Scâner Aditional (088)
Database Version : 13029 - (24/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 3
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 3

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent   =>P2P.BitTorrent^
C:\Users\lourinaldo\AppData\Roaming\uTorrent\uTorrent.exe   =>P2P.BitTorrent^
C:\Windows\Tasks\AutoKMS.job   =>Trojan.Keygen^
C:\Windows\Tasks\AutoKMSDaily.job   =>Trojan.Keygen^
~ Additionnel Scan: 250852 Items scanned in 00mn 18s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Toolbar.DeltaSearch
~ MSI: 1 link(s) detected in 00mn 00s



~ 744 Legitimates filtered by white list
End of the scan (479 lines in 00mn 47s)(0)
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 17:19

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Seg 26 Maio 2014, 17:59, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 17:35

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by lourinaldo at 26/05/2014 17:35:19
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit  (Build 7600)

Reciclagem vazia (00mn 02s)

========== Chaves do Registo ==========
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\delta-homes_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\delta-homes_RASMANCS

========== Valores do Registo ==========
ELIMINÉ RunValue: Sidebar

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ Temporários windows (1) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
2 : Chaves do Registo
1 : Valores do Registo
1 : Pastas
2 : Ficheiros
1 : Restauração Sistema


End of clean in 00mn 14s

========== Caminho do ficheiro do relatório ==========
C:\Users\lourinaldo\AppData\Roaming\ZHP\ZHPFix[R1].txt - 26/05/2014 16:42:17 [4572]
C:\Users\lourinaldo\AppData\Roaming\ZHP\ZHPFix[R2].txt - 26/05/2014 17:35:22 [1098]
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 17:40

Como está o PC?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Fernando Diego em Seg 26 Maio 2014, 17:47

O pc está visielmente melhor, as mensagens do  CE_UmbrellaCert desaparecem e o computador está mais rápido e até agora não está travando quando acesso a internet. Muito obrigado mesmo, vc me ajudou muito.
avatar
Fernando Diego
Iniciante
Iniciante

Mensagens : 12
Reputação : 0
Data de inscrição : 26/05/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Power Max em Seg 26 Maio 2014, 17:58

isso aí! Fico feliz que o problema tenha sido resolvido.

Só para finalizar siga estes tutoriais abaixo, por gentileza:

Excluindo erros e otimizando seu PC com o CCleaner

Elimine arquivos inúteis de seu PC com o PureRa
_______________________________________________________________________________________________________________________

Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas deste tutorial.
_______________________________________________________________________________________________________________________

Foi um prazer ajudar. Conte sempre conosco!

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Danii em Seg 26 Maio 2014, 18:28

CASO RESOLVIDO

Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da Equipe da Moderação solicitando o desbloqueio.
avatar
Danii
Membro Pleno
Membro Pleno

Mensagens : 562
Reputação : 77
Data de inscrição : 04/04/2014
Localização : Brasil

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum