Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14428 usuários registrados
O último usuário registrado atende pelo nome de RS_Computadores

Os nossos membros postaram um total de 35114 mensagens em 3558 assuntos
Últimos assuntos
» Pc reinicia ao desligar e vai pra BIOS
por joram Ontem à(s) 14:41

Quem está conectado
Não há nenhum usuário online :: Nenhum usuário registrado, Nenhum Invisível e nenhuma Visita :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Setembro 2017
SegTerQuaQuiSexSabDom
    123
45678910
11121314151617
18192021222324
252627282930 

Calendário Calendário

Palavras chave


CE_UmbrellaCert como remove-lo ?

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

CE_UmbrellaCert como remove-lo ?

Mensagem por speed2050 em Ter 03 Jun 2014, 17:06

Boa tarde meu nome é rodrigo e estou com o problema do CE_UmbrellaCert ,
se me lembro bem foi um dia após eu instalar o Coreldraw x6 no site The Pirate Bay ,  
Eu vi varios casos do " CE_UmbrellaCert" e baixei o Adwcleaner como vi no seu topico ajudando outros membros
com o mesmo problema . e fiz um scan rapido (examinar) e cliquei em limpar , log :
em seguida parei na pagina do zoek , Estou com medo de perder algum arquivo importante , ou alguma coisa
que faça meu windows parar de funcionar , pois esse meu computador é novinho e trabalha com o windows original então eu vim aqui pedir ajuda pra vocês   tongue  espero que possam me ajudar desde já obrigado !
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Ter 03 Jun 2014, 17:08

Olá Rodrigo.

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que está em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO) Tamanho

Mensagem por speed2050 em Ter 03 Jun 2014, 17:12

O log é tão grande que eu não consigui anexar , é de 9 mb o anexo :c
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

(RESOLVIDO) Part1

Mensagem por speed2050 em Ter 03 Jun 2014, 17:19

[#] Serviço Deletada : DefaultTabSearch
[#] Serviço Deletada : FastFreeConverterUpdt
Serviço Deletada : Yontoo Desktop Updater

***** [ Arquivos / Pastas ] *****

[!] Pasta Deletada : C:\ProgramData\Ask
[!] Pasta Deletada : C:\ProgramData\Babylon
[!] Pasta Deletada : C:\ProgramData\Free Ride Games
[!] Pasta Deletada : C:\ProgramData\QuickSet
[!] Pasta Deletada : C:\ProgramData\SuperbApp
[!] Pasta Deletada : C:\ProgramData\Tarma Installer
[!] Pasta Deletada : C:\ProgramData\Trymedia
[!] Pasta Deletada : C:\ProgramData\VisualBee
[!] Pasta Deletada : C:\ProgramData\WeCareReminder
[!] Pasta Deletada : C:\ProgramData\WinFilter
[!] Pasta Deletada : C:\ProgramData\COupExteonsion
[!] Pasta Deletada : C:\ProgramData\RRemoveTheADApp
[!] Pasta Deletada : C:\ProgramData\SearchNewTab
[!] Pasta Deletada : C:\ProgramData\ssurf and  keuep
[!] Pasta Deletada : C:\ProgramData\surf and keEp
[!] Pasta Deletada : C:\ProgramData\surf and kuEEp
[!] Pasta Deletada : C:\ProgramData\YoutubeAdblocker
[!] Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalMediaPlayer
[!] Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[!] Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
[!] Pasta Deletada : C:\Program Files (x86)\Conduit
[!] Pasta Deletada : C:\Program Files (x86)\DefaultTab
[!] Pasta Deletada : C:\Program Files (x86)\Expat Shield
[!] Pasta Deletada : C:\Program Files (x86)\Fast Free Converter
[!] Pasta Deletada : C:\Program Files (x86)\File Type Helper
[!] Pasta Deletada : C:\Program Files (x86)\FinalMediaPlayer
[!] Pasta Deletada : C:\Program Files (x86)\Free Ride Games
[!] Pasta Deletada : C:\Program Files (x86)\orbitdownloader
[!] Pasta Deletada : C:\Program Files (x86)\RelevantKnowledge
[!] Pasta Deletada : C:\Program Files (x86)\Savings Sidekick
[!] Pasta Deletada : C:\Program Files (x86)\SweetIM
[!] Pasta Deletada : C:\Program Files (x86)\Wajam
[!] Pasta Deletada : C:\Program Files (x86)\WebSearch
[!] Pasta Deletada : C:\Program Files (x86)\Yontoo
[!] Pasta Deletada : C:\Program Files (x86)\SearchNewTab
[!] Pasta Deletada : C:\Program Files (x86)\ssurf and  keuep
[!] Pasta Deletada : C:\Program Files (x86)\surf and keEp
[!] Pasta Deletada : C:\Program Files (x86)\surf and kuEEp
[!] Pasta Deletada : C:\Program Files (x86)\YoutubeAdblocker
[!] Pasta Deletada : C:\Windows\SysWOW64\ARFC
[!] Pasta Deletada : C:\Windows\SysWOW64\jmdp
[!] Pasta Deletada : C:\Windows\SysWOW64\WNLT
[!] Pasta Deletada : C:\Program Files\003
[!] Pasta Deletada : C:\Program Files\SupraSavings
[!] Pasta Deletada : C:\Program Files\Updater By SweetPacks
[!] Pasta Deletada : C:\Windows\System32\ljkb
[!] Pasta Deletada : C:\Users\Public\Documents\baidu
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Conduit
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\DefineExt
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\FilesFrog Update Checker
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\FinalMediaPlayer
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\lollipop
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Savings Sidekick
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\TidyNetwork.com
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\VisualBeeClient
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\VisualBeeExe
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Wajam
[!] Pasta Deletada : C:\Users\User 1\AppData\LocalLow\Claro LTD
[!] Pasta Deletada : C:\Users\User 1\AppData\LocalLow\Conduit
[!] Pasta Deletada : C:\Users\User 1\AppData\LocalLow\Fast Free Converter
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\337
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Babylon
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\baidu
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\DefaultTab
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\FinalMediaPlayer
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Optimizer Pro
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\strongvault
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Yontoo
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\Smartbar
[!] Pasta Deletada : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifoelmjeleeegmjmiibgpkecmccnnoa
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\System32\dmwu.exe
Arquivo Deletada : C:\Windows\System32\ImhxxpComm.dll
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\User 1\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\User 1\AppData\Local\funmoods-speeddial_sf.crx
Arquivo Deletada : C:\Users\User 1\AppData\LocalLow\SkwConfig.bin
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\invalidprefs.js
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\Askcom.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\Babylon.xml
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\funmoods.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\mixidj.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\MyStart Search.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\MyStart.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\search.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\SweetIm.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\Sweetpacks Search.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\WebSearch.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\user.js
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\System32\Tasks\VisualBeeRecovery

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Valor Deletedo : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lesstabs@lesstabs.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Chave Deletedo : HKLM\SOFTWARE\Classes\and
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\b
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Chave Deletedo : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Chave Deletedo : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Chave Deletedo : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Chave Deletedo : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget
Chave Deletedo : HKLM\SOFTWARE\Classes\HssIE.HssIEApp
Chave Deletedo : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
Chave Deletedo : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Chave Deletedo : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\S
Chave Deletedo : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab
Chave Deletedo : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Classes\surf
Chave Deletedo : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Chave Deletedo : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Chave Deletedo : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Chave Deletedo : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Deletedo : HKLM\SOFTWARE\Classes\RemoveeTTheAdApp.RemoveeTTheAdApp
Chave Deletedo : HKLM\SOFTWARE\Classes\RemoveeTTheAdApp.RemoveeTTheAdApp.3.5
Chave Deletedo : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker
Chave Deletedo : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\CCoupExtensiono.CCoupExtensiono
Chave Deletedo : HKLM\SOFTWARE\Classes\CCoupExtensiono.CCoupExtensiono.1.3
Chave Deletedo : HKCU\Software\a53d88fb53ced42
Chave Deletedo : HKLM\SOFTWARE\a53d88fb53ced42
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-161304646
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{3e661da}
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2851643
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT3184310
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT3223702
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_dj-mixer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_dj-mixer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_euro-truck-simulator_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_euro-truck-simulator_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_european-bus-simulator (1)_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_european-bus-simulator (1)_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_european-bus-simulator_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_european-bus-simulator_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_flightgear_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_flightgear_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_kaspersky-virus-removal-tool_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_kaspersky-virus-removal-tool_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_responding-heads_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_responding-heads_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_scania-truck-driving-simulator_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_scania-truck-driving-simulator_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_sonic-fan-remix_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_sonic-fan-remix_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_trucks-and-trailers_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_trucks-and-trailers_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{18E62C02-0849-44B7-9616-3B2EA01E9E05}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{F5A29F21-B121-48A0-A317-737AF8BB106A}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18E62C02-0849-44B7-9616-3B2EA01E9E05}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18E62C02-0849-44B7-9616-3B2EA01E9E05}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C1E5833-4F98-46A3-BEF0-4071B802C18A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{997746D6-BD9E-4D1F-B0D7-B54CF27E3287}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{18E62C02-0849-44B7-9616-3B2EA01E9E05}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{18E62C02-0849-44B7-9616-3B2EA01E9E05}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{18E62C02-0849-44B7-9616-3B2EA01E9E05}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Orbitdownloader\orbitdm.exe]
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Orbitdownloader\orbitnet.exe]
Valor Deletedo : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

(RESOLVIDO) Part2

Mensagem por speed2050 em Ter 03 Jun 2014, 17:20

chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BabylonToolbar
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\Cr_Installer
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\Default Tab
Chave Deletedo : HKCU\Software\DefaultTab
Chave Deletedo : HKCU\Software\Delta
Chave Deletedo : HKCU\Software\IM
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\ImInstaller
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\Orbit
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\Somoto
Chave Deletedo : HKCU\Software\visualbee
Chave Deletedo : HKCU\Software\Wajam
Chave Deletedo : HKCU\Software\wecarereminder
Chave Deletedo : HKCU\Software\WNLT
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software
Chave Deletedo : HKCU\Software\AppDataLow\SProtector
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BabylonToolbar
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\Default Tab
Chave Deletedo : HKLM\Software\DefaultTab
Chave Deletedo : HKLM\Software\Delta
Chave Deletedo : HKLM\Software\Fast Free Converter
Chave Deletedo : HKLM\Software\Freeze.com
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\InfoAtoms
Chave Deletedo : HKLM\Software\Orbit
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\Trymedia Systems
Chave Deletedo : HKLM\Software\Uniblue
Chave Deletedo : HKLM\Software\Updater By Sweetpacks
Chave Deletedo : HKLM\Software\visualbee
Chave Deletedo : HKLM\Software\Wajam
Chave Deletedo : HKLM\Software\Funloadia_Entertainment
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fast Free Converter
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Chave Deletedo : [x64] HKLM\SOFTWARE\suprasavings
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Chave Deletedo : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Chave Deletedo : [x64] HKLM\SOFTWARE\WNLT
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\winfil~1\winfil~1.dll
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\assist~1.dll
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\WINFIL~1\WINFIL~2.DLL
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\ASSIST~2.DLL
Chave Deletedo : HKLM\Software\Classes\Installer\Features\B01F3F08771A494439EC8990D0180939
Chave Deletedo : HKLM\Software\Classes\Installer\Products\B01F3F08771A494439EC8990D0180939

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16385

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]

-\\ Mozilla Firefox v12.0 (pt-BR)

[ Arquivo : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js ]

Linha deletada : user_pref("CT3223702.1000082.isPlayDisplay", "true");
Linha deletada : user_pref("CT3223702.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Linha deletada : user_pref("CT3223702.1000234.TWC_TMP_city", "CURITIBA");
Linha deletada : user_pref("CT3223702.1000234.TWC_TMP_country", "BR");
Linha deletada : user_pref("CT3223702.1000234.TWC_country", "BRAZIL");
Linha deletada : user_pref("CT3223702.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.FirstTime", "true");
Linha deletada : user_pref("CT3223702.FirstTimeFF3", "true");
Linha deletada : user_pref("CT3223702.PG_ENABLE", "dHJ1ZQ==");
Linha deletada : user_pref("CT3223702.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Linha deletada : user_pref("CT3223702.SF_STATUS.enc", "RU5BQkxFRA==");
Linha deletada : user_pref("CT3223702.SF_USER_ID.enc", "Y2lkXzI1MTAyMDEzMDU0MTg2MjM3NTkx");
Linha deletada : user_pref("CT3223702.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3223702&SearchSource=2&CUI=UN36851977571396854&UM=2&q=");
Linha deletada : user_pref("CT3223702.TopHitsConfig.enc", "ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL2NhcDEuY29uZHVpdC1hcHBzLmNvbS9BcHBzL1RvcEhpdHNHZW5lcmljQXBwL2NvbmZpZ3MvVVMtVUstRGFuY2UtUm9jay1SYXAvc3ByaXRlLnBuZyIsDQogIC[...]
Linha deletada : user_pref("CT3223702.UserID", "UN36851977571396854");
Linha deletada : user_pref("CT3223702.addressBarTakeOverEnabledInHidden", "true");
Linha deletada : user_pref("CT3223702.cbfirsttime.enc", "RnJpIE9jdCAyNSAyMDEzIDAwOjU0OjMyIEdNVC0wMjAw");
Linha deletada : user_pref("CT3223702.countryCode", "BR");
Linha deletada : user_pref("CT3223702.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":[...]
Linha deletada : user_pref("CT3223702.firstTimeDialogOpened", "true");
Linha deletada : user_pref("CT3223702.fixPageNotFoundErrorByUser", "TRUE");
Linha deletada : user_pref("CT3223702.fixPageNotFoundErrorInHidden", "true");
Linha deletada : user_pref("CT3223702.fixUrls", true);
Linha deletada : user_pref("CT3223702.fullUserID", "UN36851977571396854.IN.2013071222217");
Linha deletada : user_pref("CT3223702.isCheckedStartAsHidden", true);
Linha deletada : user_pref("CT3223702.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.isFirstTimeToolbarLoading", "false");
Linha deletada : user_pref("CT3223702.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Linha deletada : user_pref("CT3223702.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.keyword", true);
Linha deletada : user_pref("CT3223702.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3223702&octid=CT3223702&SearchSource=15&CUI=UN36851977571396854&SSPV=&Lay=1&UM=2\"}");
Linha deletada : user_pref("CT3223702.lastVersion", "10.16.70.505");
Linha deletada : user_pref("CT3223702.mam_gk_appStateReportTime.enc", "MTM4Mjc2NjQ2ODQ4Ng==");
Linha deletada : user_pref("CT3223702.mam_gk_appState_CouponBuddy.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appState_Easytobook.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appState_PriceGong.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appState_WindowShopper.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJ1cmwiOiJodHRwOi8vY29uZDAxLmV0YnhtbC5jb20vY29uZHVpdF9idW5kbGUvd2ViL2NoZWFwLmh0bWwiLCJzY3JpcHRVcmwiOm51bGws[...]
Linha deletada : user_pref("CT3223702.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Linha deletada : user_pref("CT3223702.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIyZDk3NTAwZS0yYzY0LTRjOGUtOGJjOS1hMDBlM2IzZjU0YTIiLCJ[...]
Linha deletada : user_pref("CT3223702.mam_gk_currentVersion.enc", "MS4xMC40LjA=");
Linha deletada : user_pref("CT3223702.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Linha deletada : user_pref("CT3223702.mam_gk_first_time.enc", "MQ==");
Linha deletada : user_pref("CT3223702.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Linha deletada : user_pref("CT3223702.mam_gk_lastLoginTime.enc", "MTM4Mjc2NjQ2OTYzNg==");
Linha deletada : user_pref("CT3223702.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJQb2zDrXRpY2EgZGUgY29udGXDumRvIn0sImdhZGdldERlc2NyaXB0aW9uUHJpbWFyeSI6eyJUZXh0IjoiVmFsdWUgQXBwcyBlbnJpcXVlY2Vt[...]
Linha deletada : user_pref("CT3223702.mam_gk_new_welcome_experience.enc", "MQ==");
Linha deletada : user_pref("CT3223702.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Linha deletada : user_pref("CT3223702.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEwMjYiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6Ijk1XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Linha deletada : user_pref("CT3223702.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Linha deletada : user_pref("CT3223702.mam_gk_userId.enc", "ZWJjNTUwYmEtOTEwMS00ZjA0LWI1OTYtZjMxZDBjMzhhOTU3");
Linha deletada : user_pref("CT3223702.mam_gk_user_approval_interacted.enc", "MQ==");
Linha deletada : user_pref("CT3223702.mam_gk_welcomeDialogMode.enc", "MQ==");
Linha deletada : user_pref("CT3223702.migrateAppsAndComponents", true);
Linha deletada : user_pref("CT3223702.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3223702%26octid%3DCT3223702%26SearchSource%3D15%26CUI%3DUN3[...]
Linha deletada : user_pref("CT3223702.originalHomepage", "hxxp://searchfunmoods.com/?f=1&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyE0C0C0AyCtBtCtDtCtAtN0D0Tzu0CtBzzzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=14734581[...]
Linha deletada : user_pref("CT3223702.originalSearchAddressUrl", "chrome://defaulttab/content/keywordURL.xul?");
Linha deletada : user_pref("CT3223702.originalSearchEngine", "Google");
Linha deletada : user_pref("CT3223702.originalSearchEngineName", "Google");
Linha deletada : user_pref("CT3223702.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\"WEATHER\\\",\\\"BROWSER_COMPONENT\\\"]\"}");
Linha deletada : user_pref("CT3223702.revertSettingsEnabled", "false");
Linha deletada : user_pref("CT3223702.search.searchAppId", "10000002");
Linha deletada : user_pref("CT3223702.search.searchCount", "0");
Linha deletada : user_pref("CT3223702.searchFromAddressBarEnabledByUser", "true");
Linha deletada : user_pref("CT3223702.searchInNewTabEnabledByUser", "true");
Linha deletada : user_pref("CT3223702.searchInNewTabEnabledInHidden", "true");
Linha deletada : user_pref("CT3223702.searchSuggestEnabledByUser", "True");
Linha deletada : user_pref("CT3223702.searchUserMode", "2");
Linha deletada : user_pref("CT3223702.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3223702\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FunloadiaEntertainment.OurToolbar.com//xpi\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Funloadia Entertainment\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_services_setupAPI_lastUpdate", "1382669645873");
Linha deletada : user_pref("CT3223702.settingsINI", true);
Linha deletada : user_pref("CT3223702.showToolbarPermission", "false");
Linha deletada : user_pref("CT3223702.smartbar.CTID", "CT3223702");
Linha deletada : user_pref("CT3223702.smartbar.Uninstall", "0");
Linha deletada : user_pref("CT3223702.smartbar.homepage", true);
Linha deletada : user_pref("CT3223702.smartbar.toolbarName", "Funloadia Entertainment ");
Linha deletada : user_pref("CT3223702.toolbarBornServerTime", "23-7-2013");
Linha deletada : user_pref("CT3223702.toolbarCurrentServerTime", "23-7-2013");
Linha deletada : user_pref("CT3223702.toolbarLoginClientTime", "Fri Oct 25 2013 00:54:06 GMT-0200");
Linha deletada : user_pref("CT3223702_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1382766460364,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Linha deletada : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?UM=2&ctid=CT3223702&SearchSource=13&CUI=UN36851977571396854");
Linha deletada : user_pref("Smartbar.ConduitSearchEngineList", "Funloadia Entertainment Customized Web Search");
Linha deletada : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3223702&SearchSource=2&CUI=UN36851977571396854&UM=2&q=");
Linha deletada : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "chrome://defaulttab/content/keywordURL.xul?");
Linha deletada : user_pref("Smartbar.keywordURLSelectedCTID", "CT3223702");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://websearch.searchisbestmy.info/?pid=924&r=2013/11/18&hid=4703991600518884597&lg=EN&cc=BR&unqvl=41");
Linha deletada : user_pref("extensions.BabylonToolbar.admin", false);
Linha deletada : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Linha deletada : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Linha deletada : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Linha deletada : user_pref("extensions.BabylonToolbar.excTlbr", false);
Linha deletada : user_pref("extensions.BabylonToolbar.id", "ae6f1013000000000000c89cdc4cca62");
Linha deletada : user_pref("extensions.BabylonToolbar.instlDay", "15627");
Linha deletada : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Linha deletada : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Linha deletada : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=ae6f1013000000000000c89cdc4cca62&q=");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");
Linha deletada : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Linha deletada : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.710:32:03");
Linha deletada : user_pref("extensions.claro.admin", false);
Linha deletada : user_pref("extensions.claro.aflt", "babsst");
Linha deletada : user_pref("extensions.claro.dfltLng", "en");
Linha deletada : user_pref("extensions.claro.excTlbr", false);
Linha deletada : user_pref("extensions.claro.id", "ae6f1013000000000000c89cdc4cca62");
Linha deletada : user_pref("extensions.claro.instlDay", "15625");
Linha deletada : user_pref("extensions.claro.instlRef", "sst");
Linha deletada : user_pref("extensions.claro.prdct", "claro");
Linha deletada : user_pref("extensions.claro.prtnrId", "claro");
Linha deletada : user_pref("extensions.claro.tlbrId", "claro");
Linha deletada : user_pref("extensions.claro.vrsn", "1.6.4.1");
Linha deletada : user_pref("extensions.claro.vrsni", "1.6.4.1");
Linha deletada : user_pref("extensions.claro_i.smplGrp", "none");
Linha deletada : user_pref("extensions.claro_i.vrsnTs", "1.6.4.122:58:57");
Linha deletada : user_pref("extensions.crossrider.bic", "141ed886071f81cb85654fc470e76d07");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationThankYouPage", true);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1350007106);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.searchUserConifrmation", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setHomepage", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setNewTab", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setSearch", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.active", true);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.addressbarenhanced", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n//\n");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.backgroundver", 43);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1350007106");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.value", "%7B%22source_id%22%3A%2245990%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2245990%26subid%3D%26pid%3D1265%22%7D");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1350007106");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_arbitrary_code.expiration", "Sat Oct 26 2013 03:52:44 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_arbitrary_code.value", "%22%28function%28%29%7B_GPL_PLUGIN.st%3D%7B%5C%2274052%26pid%3D1269%5C%22%3A%7Bs%3A%5B%5C%2274052%26pid%3D1695%5C%22%2C[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Sat Oct 26 2013 03:52:44 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22facebook.com%2Cnonexistantdomain.com%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Fri Nov 01 2013 03:52:08 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22BR%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1382766497");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_currenttime.value", "%221381868021%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_delay.value", "24");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure.value", "1382766468");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure_tmp.expiration", "Sat Oct 26 2013 03:57:44 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure_tmp.value", "1382766464");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list.expiration", "Sat Oct 26 2013 09:47:48 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list.value", "%7B%22f7610cf2b37067876b694a05c56f32e2%22%3A%7B%22p%22%3A%22/%22%7D%2C%22d763717b4b2e0a17a877cc642fb80ee4%22%3A%7B%22p%22%3A%2[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list_temp.expiration", "Sat Oct 26 2013 03:57:48 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list_temp.value", "1382766468.328");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%2245990%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2245990%26subid%3D%26pid%3D1265%22%7D[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installtime.value", "%221381867954%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2245990%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1382766462622");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221265%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2292373%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1382680327750");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.domain", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22F31C3EB389F54FFD8930B218EAE6BD75IE%22%2C%22installer_verifier%22%3A%22fe9b9f13d509d808[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "94");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Sat Oct 26 2013 09:47:40 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%22%3Afalse%2C%22Wireshark%22%3Afalse%2C%22VirtualBox%22%3Afalse%2C%22VMWare%22%3Afalse%2C%22InsideVM[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1224,baseCDN:\"savingsside-a.akamaihd.ne[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.exte[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", Cool;
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(b){if(void 0===this||null===this)throw new TypeError;var c=Object[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 16);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(b){console.log(b)},factor:1[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 39);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection();}else{if(document.get[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 5);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigator[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 9);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&type[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 12);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * [Você precisa estar registrado e conectado para ver este link.] *\n * Copyright 2010, John [...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 4);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.ex[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 5);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b);}};appAPI.ready=function(c,b){a.when.apply(nul[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 5);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 4);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery v1[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 4);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId:([...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 3);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.code", "(function(){var j=\"__CR_EMPTY_CHANNEL__\";var d=function(e){return(typeof e===\"object\"&&e!==null);};var b=function(e){return(![...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.name", "appApiMessage");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.ver", 3);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var d={WRONG_STRICT_VALUE:\"Parameter %PARAM_NAME% value is not supp[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.name", "appApiValidation");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.ver", 3);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof window.navigator!==\"undefined\"&&typeof window.navigator.userAgent!==\"undefi[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.name", "CrossriderInfo");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.ver", 5);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.code", "(function(){var b={DUMMY_PAGE_URL:\"hxxp://page.our-app.net/blank/resource.html\"};var c=\"cr_\"+appAPI.appID+\"internalMessage\"[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.name", "omniCommands");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.ver", 3);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/5060/plugins/091/ff/plugins.json");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 70);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.publisher", "Innovative Apps");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.ver", 94);
Linha deletada : user_pref("extensions.crossriderapp5060.apps", "5060");
Linha deletada : user_pref("extensions.crossriderapp5060.bic", "141ed886071f81cb85654fc470e76d07");
Linha deletada : user_pref("extensions.crossriderapp5060.cid", 5060);
Linha deletada : user_pref("extensions.crossriderapp5060.firstrun", false);
Linha deletada : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Linha deletada : user_pref("extensions.crossriderapp5060.installationdate", 1382669640);
Linha deletada : user_pref("extensions.crossriderapp5060.lastcheck", 23046108);
Linha deletada : user_pref("extensions.crossriderapp5060.lastcheckitem", 23046109);
Linha deletada : user_pref("extensions.crossriderapp5060.modetype", "production");
Linha deletada : user_pref("extensions.crossriderapp5060.reportInstall", true);
Linha deletada : user_pref("extensions.crossriderapp5060.statsDailyCounter", 2);
Linha deletada : user_pref("extensions.crossriderapp5060@crossrider.com.install-event-fired", true);
Linha deletada : user_pref("extensions.delta.admin", false);
Linha deletada : user_pref("extensions.delta.aflt", "babsst");
Linha deletada : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Linha deletada : user_pref("extensions.delta.autoRvrt", "false");
Linha deletada : user_pref("extensions.delta.dfltLng", "pt");
Linha deletada : user_pref("extensions.delta.excTlbr", false);
Linha deletada : user_pref("extensions.delta.ffxUnstlRst", true);
Linha deletada : user_pref("extensions.delta.id", "ae6f1013000000000000000000000000");
Linha deletada : user_pref("extensions.delta.instlDay", "15925");
Linha deletada : user_pref("extensions.delta.instlRef", "sst");
Linha deletada : user_pref("extensions.delta.newTab", false);
Linha deletada : user_pref("extensions.delta.prdct", "delta");
Linha deletada : user_pref("extensions.delta.prtnrId", "delta");
Linha deletada : user_pref("extensions.delta.rvrt", "false");
Linha deletada : user_pref("extensions.delta.smplGrp", "none");
Linha deletada : user_pref("extensions.delta.tlbrId", "base");
Linha deletada : user_pref("extensions.delta.tlbrSrchUrl", "");
Linha deletada : user_pref("extensions.delta.vrsn", "1.8.22.0");
Linha deletada : user_pref("extensions.delta.vrsnTs", "1.8.22.020:05:06");
Linha deletada : user_pref("extensions.delta.vrsni", "1.8.22.0");
Linha deletada : user_pref("extensions.delta_i.babExt", "");
Linha deletada : user_pref("extensions.delta_i.babTrack", "affID=124046&tt=070813_wc1&tsp=4968");
Linha deletada : user_pref("extensions.delta_i.srcExt", "ss");
Linha deletada : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.1,testpilot@labs.mozilla.com:1.2.2,crossriderapp5060@crossrider.com:0.91.83,wecarereminder@bryan:4.1.18.1,plugin@yontoo.com:1.20.02,tidy[...]
Linha deletada : user_pref("extensions.ffxtlbr@funmoods.com.install-event-fired", true);
Linha deletada : user_pref("extensions.funmoods.aflt", "pcmega1");
Linha deletada : user_pref("extensions.funmoods.autoRvrt", false);
Linha deletada : user_pref("extensions.funmoods.cntry", "BR");
Linha deletada : user_pref("extensions.funmoods.cv", "cv5");
Linha deletada : user_pref("extensions.funmoods.dfltLng", "");
Linha deletada : user_pref("extensions.funmoods.dfltSrch", true);
Linha deletada : user_pref("extensions.funmoods.dnsErr", true);
Linha deletada : user_pref("extensions.funmoods.envrmnt", "production");
Linha deletada : user_pref("extensions.funmoods.excTlbr", false);
Linha deletada : user_pref("extensions.funmoods.hdrMd5", "336F3FD0AD1FAFB53FD00AE25B25E7BD");
Linha deletada : user_pref("extensions.funmoods.hmpg", true);
Linha deletada : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyE0C0C0AyCtBtCtDtCtAtN0D0Tzu0CtBzzzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1473458[...]
Linha deletada : user_pref("extensions.funmoods.id", "C89CDC4CCA621013");
Linha deletada : user_pref("extensions.funmoods.instlDay", "15627");
Linha deletada : user_pref("extensions.funmoods.instlRef", "pcmega1");
Linha deletada : user_pref("extensions.funmoods.isdcmntcmplt", true);
Linha deletada : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2216:8:4");
Linha deletada : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Linha deletada : user_pref("extensions.funmoods.newTab", true);
Linha deletada : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyE0C0C0AyCtBtCtDtCtAtN0D0Tzu0CtBzzzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=14734[...]
Linha deletada : user_pref("extensions.funmoods.prdct", "funmoods");
Linha deletada : user_pref("extensions.funmoods.prtnrId", "funmoods");
Linha deletada : user_pref("extensions.funmoods.sg", "none");
Linha deletada : user_pref("extensions.funmoods.smplGrp", "none");
Linha deletada : user_pref("extensions.funmoods.srchPrvdr", "Search");
Linha deletada : user_pref("extensions.funmoods.tlbrId", "base");
Linha deletada : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyE0C0C0AyCtBtCtDtCtAtN0D0Tzu0CtBzzzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=147[...]
Linha deletada : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Linha deletada : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2216:8:4");
Linha deletada : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Linha deletada : user_pref("extensions.funmoods_i.newTab", true);
Linha deletada : user_pref("extensions.funmoods_i.smplGrp", "none");
Linha deletada : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2216:8:4");
Linha deletada : user_pref("extensions.wajam.affiliate_id", "5927");
Linha deletada : user_pref("extensions.wajam.firstrun", "false");
Linha deletada : user_pref("extensions.wajam.log_send_info", "false");
Linha deletada : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"update_interval\":1337,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/[...]
Linha deletada : user_pref("extensions.wajam.no_trace", "false");
Linha deletada : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Linha deletada : user_pref("extensions.wajam.trace_log", "1382669638144 - processInstallationUpgrade - version set to : 1.26\n1382669638144 - processBrowserLoad - Bad mappingListJsonString: null\n1382669639785 - onFla[...]
Linha deletada : user_pref("extensions.wajam.unique_id", "D7A0AB3D3B9FF60B9BA9F5E603AE3E12");
Linha deletada : user_pref("extensions.wajam.user_current_mapping_version", "0");
Linha deletada : user_pref("extensions.wajam.version", "1.26");
Linha deletada : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Linha deletada : user_pref("extentions.y2layers.installId", "de1cc5b8-5777-409c-b306-5a2b41947aab");
Linha deletada : user_pref("smartbar.addressBarOwnerCTID", "CT3223702");
Linha deletada : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?UM=2&ctid=CT3223702&SearchSource=13&CUI=UN36851977571396854");
Linha deletada : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3223702&SearchSource=2&CUI=UN36851977571396854&UM=2&q=");
Linha deletada : user_pref("smartbar.defaultSearchOwnerCTID", "CT3223702");
Linha deletada : user_pref("smartbar.homePageOwnerCTID", "CT3223702");

-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Homepage] : [Você precisa estar registrado e conectado para ver este link.]
Deletedo [Extension] : aekjbnlbnhnjhgmpfcdnigifiookfadm
Deletedo [Extension] : bbjciahceamgodcoidkjpchnokgfpphh
Deletedo [Extension] : cjpglkicenollcignonpgiafdgfeehoj
Deletedo [Extension] : ippkomaaonokjnfjoikaemidanojkfmm
Deletedo [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Deletedo [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deletedo [Extension] : mkndcbhcgphcfkkddanakjiepeknbgle
Deletedo [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj

*************************

AdwCleaner[R0].txt - [104448 octets] - [03/06/2014 16:26:07]
AdwCleaner[S0].txt - [98890 octets] - [03/06/2014 16:30:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [98951 octets] ##########
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Ter 03 Jun 2014, 17:26

 No seu PC está constando também o Baidu, você quer removê-lo ou continuar com ele?
_____________________________________________________________________________________

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 20:18, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)log zoek part1

Mensagem por speed2050 em Ter 03 Jun 2014, 20:43

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User 1 on Tue 06/03/2014 at 17:38:07.62.
Microsoft Windows 7 Ultimate  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User 1\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6/3/2014 5:40:02 PM Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0C5F1B8B-3A6B-4168-978C-EF863188C317} deleted successfully
HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8FEF9F4C-2E93-4E75-83A9-1FD6FDA2E123} deleted successfully
HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C47A8E4C-EE2A-47B1-9915-31112280F5E2} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js:
user_pref("browser.startup.homepage" , "http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal");
user_pref("browser.startup.homepage", "http://br.hao123.com/?tn=fa_pro_hp_01_hao123_br");
user_pref("browser.startup.homepage", "http://br.hao123.com/?tn=pcf_inner_protection_01_hao123_br");
user_pref("browser.search.defaultenginename" , "Web");
user_pref("browser.search.selectedEngine" , "Web");
user_pref("keyword.URL" , "http://br.yhs4.search.yahoo.com/yhs/search");

Added to C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js:

ProfilePath: C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20140603_0549_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"bProtectTabs"=-

==== Deleting Files \ Folders ======================

C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\plugin@yontoo.com not found
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\ffxtlbr@funmoods.com not found
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\crossriderapp5060@crossrider.com not found
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\addon@defaulttab.com.xpi not found
C:\PROGRA~3\omdecpgdmhfnenhpgepgooiikcgjffpm deleted
C:\Users\User 1\AppData\LocalLow\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1} deleted
C:\Users\User 1\AppData\LocalLow\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE} deleted
C:\Users\User 1\AppData\LocalLow\{5005715A-6633-E7CD-47E1-38D05CB470FC} deleted
C:\Users\User 1\AppData\LocalLow\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439} deleted
C:\Users\User 1\AppData\LocalLow\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11} deleted
C:\Users\User 1\AppData\LocalLow\{B97022D3-C6F7-E6ED-2385-3F90A46702B0} deleted
C:\Users\User 1\AppData\LocalLow\{CD01958C-255C-B1DF-818B-7E236A915D99} deleted
C:\Users\User 1\AppData\LocalLow\{D547F6CD-92C5-1C7D-A576-AC46174A8F40} deleted
C:\Users\User 1\AppData\LocalLow\{D92092F4-CF9E-453E-EB7B-8C67C16422AA} deleted
C:\Users\User 1\AppData\LocalLow\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{5005715A-6633-E7CD-47E1-38D05CB470FC} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{B97022D3-C6F7-E6ED-2385-3F90A46702B0} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{CD01958C-255C-B1DF-818B-7E236A915D99} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{D547F6CD-92C5-1C7D-A576-AC46174A8F40} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{D92092F4-CF9E-453E-EB7B-8C67C16422AA} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE} deleted
C:\PROGRA~3\ecfad92dac728ceb deleted
C:\PROGRA~3\DeownSaeve deleted
C:\PROGRA~2\Mozilla Firefox\searchplugins\search_the_web.xml deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\prefs.js deleted
C:\PROGRA~2\Assistant_x64.dll deleted
C:\PROGRA~2\Sk.Enhancer deleted
C:\found.000 deleted
C:\PROGRA~3\DynuEncrypt.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\SummerSoft deleted
C:\Users\User 1\AppData\Local\CRE deleted
C:\Users\User 1\AppData\Local\SevereWeatherAlerts deleted
C:\Users\User 1\AppData\Local\Weather_Notifications,_LL deleted
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted
C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts deleted
C:\Users\User 1\Downloads\SoftonicDownloader_para_kaspersky-virus-removal-tool.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Fast Free Converter deleted
C:\Windows\serviceprofiles\networkservice\AppData\LocalLow\Fast Free Converter deleted
C:\Windows\serviceprofiles\Localservice\AppData\LocalLow\Fast Free Converter deleted
C:\AI_RecycleBin deleted
C:\windows\SysNative\tasks\Baidu PC Faster Service deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted
C:\Windows\tasks\Registry Optimizer_DEFAULT.job deleted
C:\Windows\tasks\Registry Optimizer_UPDATES.job deleted
C:\windows\SysNative\tasks\TidyNetwork Update deleted
C:\user.js deleted
C:\Windows\SysNative\rlls64.dll deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\funloadia-entertainment-customized-web-search.xml deleted
C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\staged deleted
C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\CT3223702 deleted
C:\Users\User 1\Desktop\4K Video Downloader.lnk deleted
C:\Users\User 1\RealPlayer_br.exe deleted
C:\Users\User 1\Setup.exe deleted
C:\Users\User 1\setup_11-0-0-1245-x01_2012_10_31_19_17.exe deleted
C:\Users\User 1\setup_11-0-0-1245-x01_2012_10_31_19_17[1].exe deleted
C:\Users\User 1\Downloads\Queen Of Light 1.0.rar.exe deleted
C:\Users\User 1\Downloads\Clique aqui para baixar.exe deleted
C:\Users\User 1\Downloads\Download.exe deleted
"C:\PROGRA~3\iifoelmjeleeegmjmiibgpkecmccnnoa\iifoelmjeleeegmjmiibgpkecmccnnoa.crx" deleted
"C:\PROGRA~3\iifoelmjeleeegmjmiibgpkecmccnnoa\update.xml" deleted
"C:\PROGRA~3\iifoelmjeleeegmjmiibgpkecmccnnoa" deleted

==== Folders Found ======================

2014-06-03 19:30:27 2014-06-03 19:30:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-03-11 02:55:41 2014-03-11 02:55:41 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-06-03 04:13:22 2014-06-03 04:13:22 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr
2014-06-03 04:13:22 2014-06-03 04:13:22 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr
2014-06-03 04:13:22 2014-06-03 04:13:22 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr
2014-06-03 04:13:23 2014-06-03 04:13:23 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr
2014-06-03 04:13:23 2014-06-03 04:13:23 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\tools\BaiduExtMgr
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduBatteryDoctor
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduWifiSharing
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\3082\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\3082\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduBatteryDoctor
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduWifiSharing
2014-03-11 02:57:36 2014-06-03 04:13:42 -------- d-----w- C:\ProgramData\Baidu Security
2014-06-03 04:13:41 2014-06-03 04:13:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-03-11 02:57:36 2014-06-03 04:13:42 -------- d-----w- C:\Users\All Users\Baidu Security
2014-06-03 04:13:41 2014-06-03 04:13:41 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-06-03 04:13:18 2014-06-03 04:13:18 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-03-11 02:55:41 2014-06-03 04:26:30 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2013-09-22 05:27:43 2013-09-22 05:27:43 -------- d-----w- C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\QVFXDYVG\cpro.baidu.com
2013-09-22 05:27:43 2013-09-22 05:27:43 -------- d-----w- C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\QVFXDYVG\macromedia.com\support\flashplayer\sys\#cpro.baidu.com
2014-03-11 02:55:41 2014-03-11 02:55:41 -------- d-----w- C:\Users\User 1\AppData\Roaming\Baidu Security
2014-03-11 02:59:16 2014-03-11 02:59:16 -------- d-----w- C:\Users\User 1\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-03-11 02:59:16 2014-03-11 02:59:16 -------- d-----w- C:\Users\User 1\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-06-03 04:13:41 2014-06-03 04:13:41 -------- d-----w- C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster

==== Files Found ======================


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\BaiduStore.dll ---
Company: Baidu Inc.
File Description: PC Faster Interface Plugin Manager
File Version: 4,0,5,68911
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2012 Baidu, Inc. All rights reserved.
Original Filename:
File type: ----a-w-
File size: 1305792
Created time: 2014-05-13 07:05:50
Modified time: 2014-05-13 07:05:50
MD5: FEF4FC95AF8D9AE4BD494DDB7620CBA8
SHA1: 39AD7BAB1235968CD960E32AC42F5AF7DA9D5EC8


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 135715
Created time: 2014-05-13 12:28:40
Modified time: 2014-05-13 12:28:40
MD5: 7AA9FDAE027F50E2613D27443669D920
SHA1: 961560C84257D08F06E81EA100B66C0A0D35D8BF


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 17718
Created time: 2014-06-03 04:20:08
Modified time: 2014-06-03 04:20:08
MD5: CC449CC21360C91BE988FBB7BBC23E62
SHA1: 3DE0B8F290E6F10EC0836AB162369F9C026E9E96


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36814
Created time: 2014-06-03 04:20:10
Modified time: 2014-06-03 04:20:10
MD5: 51002A20C9651142B49E83A58442E1F6
SHA1: B00474C7E8DD528A020DBD6D2459083C1F4DB588


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 135626
Created time: 2014-05-13 12:28:42
Modified time: 2014-05-13 12:28:42
MD5: C82B847F69B582B479D57FA89E4F9903
SHA1: B3F26EE0D7A2B18DD1DC9C9FA7C0A8C9417B2A4D


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 18424
Created time: 2014-06-03 04:20:46
Modified time: 2014-06-03 04:20:46
MD5: 1100F09C60EAC3ECB030489F187FD25D
SHA1: 9A25E2B176919337147A2D7767ADD2337218340D


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 88133
Created time: 2014-06-03 04:20:57
Modified time: 2014-06-03 04:20:57
MD5: E8CE61D8300F7C7D816006D481C14F75
SHA1: B01121641E8239612CD518707D801FDD870AC481


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 221154
Created time: 2014-05-13 12:28:44
Modified time: 2014-05-13 12:28:44
MD5: E4B5B5BA0E1D541519458AE97EB2670C
SHA1: A3FC5D2D88BDB4D0EE4A8AA03BA09F921137520C


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 20232
Created time: 2014-06-03 04:21:27
Modified time: 2014-06-03 04:21:27
MD5: 642BABAF2A3A5B5984314BA10902EB99
SHA1: 2067856B8C0518AB102F157036DCFC55BD86B905


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36325
Created time: 2014-06-03 04:21:28
Modified time: 2014-06-03 04:21:28
MD5: 1F2287DCCFA2B0D461F92217C9165C85
SHA1: 880DD1B39723E5F93C267067DC3818C43974E268


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 244927
Created time: 2014-05-13 12:28:46
Modified time: 2014-05-13 12:28:46
MD5: 5FDB127F3EE34B433B03295D39A47351
SHA1: 4CDCBE65B121381CDF80053FE2C465FB97029F3B


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 18332
Created time: 2014-06-03 04:21:50
Modified time: 2014-06-03 04:21:50
MD5: 484ABABF535F91607C4B1C88827BF4C6
SHA1: D96A0769491524B7E7FD1F882CA94184241CDC01


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36511
Created time: 2014-06-03 04:21:52
Modified time: 2014-06-03 04:21:52
MD5: D19D16CFA1ACBF369052D10388EFDBD5
SHA1: 489AF1A698E43A2B39B190435EEF7C65070C1F67


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 193467
Created time: 2014-05-13 12:28:48
Modified time: 2014-05-13 12:28:48
MD5: D8AB3CFEAAEAF2C2E9E5D5054DB20F75
SHA1: D168B14A769846C9E1FE9B48B74310054898E7F7


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 15060
Created time: 2014-06-03 04:22:13
Modified time: 2014-06-03 04:22:13
MD5: 926F105F214693CE88603E4B910791F1
SHA1: 5C8F3B582B6B5D8B155A88B2D2FA4745EB6E8C7A


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 59520
Created time: 2014-06-03 04:22:15
Modified time: 2014-06-03 04:22:15
MD5: CC0CF05000171F81D9F1C7A51B710A4E
SHA1: E1CC1B5C2750A7D1D95F013181AD89357F040534


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduBatteryDoctor\BaiduBatteryDoctor.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 33232
Created time: 2014-06-03 04:24:19
Modified time: 2014-06-03 04:24:19
MD5: 288919F520EC53516CEF0D2AB1EBCD0B
SHA1: D116239B74B1680BAFA3CEF5D42F7BA75BB8998E


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 26897
Created time: 2014-06-03 04:24:19
Modified time: 2014-06-03 04:24:19
MD5: 8379234A80EA834500E7691C4B2B29A5
SHA1: 2F77D86806E57402A3D2CAD3651AE227EEEF4F05


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5553
Created time: 2014-06-03 04:24:20
Modified time: 2014-06-03 04:24:20
MD5: DD06B3E23DC75FC551AB6C42F10C68A1
SHA1: 3440823F8341269849936B7C81F329011230949E


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduWifiSharing\BaiduWifiSharing.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 221061
Created time: 2014-06-03 04:24:24
Modified time: 2014-06-03 04:24:24
MD5: 9936EE1869F445745848810C566E1665
SHA1: 8B59F5FD14F98470F7D5C91C002D369BCFE24479


--- C:\Users\User 1\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.1.56634.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 4.0.1.56634
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 18602568
Created time: 2014-03-11 02:55:42
Modified time: 2014-03-11 02:55:42
MD5: 91B93AA667CDB985925D3C0085B6C6A7
SHA1: 33A16AA6FF48B131021A0482E47C2DDE8E5472EC


--- C:\Users\User 1\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.5.70512.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 4.0.5.70512
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 20388656
Created time: 2014-06-03 04:11:21
Modified time: 2014-06-03 04:11:21
MD5: C35AD07330E6AA1F8051D9E1C43079D3
SHA1: 89CCD48581CEF28B3FE4AD25C058E7FED0D4BEC5


--- C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1371
Created time: 2014-06-03 04:13:41
Modified time: 2014-06-03 04:13:41
MD5: 09A604A70699558795EC7CBC29E10594
SHA1: 397070B4F4D6CA8E6F0D03BC73ACAA4370EC8887


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu PC Faster Service.vir ---
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

(RESOLVIDO)part 2 zoek

Mensagem por speed2050 em Ter 03 Jun 2014, 20:43

Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3670
Created time: 2014-06-03 20:50:23
Modified time: 2014-06-03 04:13:39
MD5: 3DE070D8E41356D4827AF0ECE0F8F6AF
SHA1: C563F231599ED2919F2C03885ED2B5255EC5DA7E


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu PC Faster Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3726
Created time: 2014-06-03 20:50:24
Modified time: 2014-06-03 04:13:31
MD5: A0C2FF10B1BD2C5689D987A524BC1AD4
SHA1: 09909199221880E4823020D665B9737C0976D840


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFTray-2014-06-03 06-36-58-0710-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-06-03 06-37-16-0760-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu PC Faster 4.0.0.0"="\"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe\" -auto -start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayName"="Baidu PC Faster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayIcon"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"UninstallString"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu\Hao123-international]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu\Hao123-international\hao123desk]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"="^http\\:\\/\\/www\\.baidu\\.com\\/.*"

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}"="C:\Program Files\Updater By SweetPacks\Firefox" []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"extension@Fast_Free_Converter.com"="C:\Program Files (x86)\Fast Free Converter\FastFreeConverter\extension@Fast_Free_Converter.com" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\ffxtlbr@funmoods.com
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\crossriderapp5060@crossrider.com
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\wecarereminder@bryan
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\plugin@yontoo.com
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\tidynetwork@tidynetwork
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
- Undetermined - C:\Program Files (x86)\Fast Free Converter\FastFreeConverter\extension@FastFreeConverter.com
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\{18e62c02-0849-44b7-9616-3b2ea01e9e05}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Define Ext - %AppDir%\extensions\umylsm@sqhjcpzmeselzlp.org
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default
6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller
53EEEBE57114EE669FBED2EF139D1320 - C:\Users\User 1\AppData\Local\Roblox\Versions\version-3789d377c3ab4ee1\NPRobloxProxy.dll - Roblox Launcher Plugin
5D6E3184DE62B6B681F03DA979F15956 - C:\Users\User 1\AppData\Local\Balanced Worlds\BWGameEngine\npWebLauncher.dll - WebLauncher


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05/11/2014 12:33 PM]
mdebcffgnijbblbinknkbefciofebcda - C:\Users\User 1\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]
ngkdgphikkepnnefheniljdgolldgpld - C:\Users\User 1\AppData\Local\CRE\ngkdgphikkepnnefheniljdgolldgpld.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
mdebcffgnijbblbinknkbefciofebcda - C:\Users\User 1\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]
ngkdgphikkepnnefheniljdgolldgpld - C:\Users\User 1\AppData\Local\CRE\ngkdgphikkepnnefheniljdgolldgpld.crx[]

Comodo Drag&Drop Service - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
PrivDog - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Comodo Media Downloader - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Comodo Share Page Service - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Google Wallet - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
AdBlock - User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
avast Online Security - User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Funloadia Entertainment - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm
DeownSaeve - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcccjnelakmdekobgnglmfcihkeahik
Savings Sidekick - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
RRemoveTheADApp - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifoelmjeleeegmjmiibgpkecmccnnoa
We-Care.com Reminder - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Wajam - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Google Wallet - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
SweetPacks Chrome Extension - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

==== Chrome Fix ======================

C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchisbestmy.info_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchisbestmy.info_0.localstorage-journal deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_portugues.babylon.com_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_portugues.babylon.com_0.localstorage-journal deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_digimon-masters-online.softonic.com.br_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_digimon-masters-online.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_the-sims-2-create-a-sim.softonic.com.br_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_the-sims-2-create-a-sim.softonic.com.br_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcccjnelakmdekobgnglmfcihkeahik deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cmcccjnelakmdekobgnglmfcihkeahik_0.localstorage deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cmcccjnelakmdekobgnglmfcihkeahik_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifoelmjeleeegmjmiibgpkecmccnnoa deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifoelmjeleeegmjmiibgpkecmccnnoa_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifoelmjeleeegmjmiibgpkecmccnnoa_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifoelmjeleeegmjmiibgpkecmccnnoa_0.localstorage deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifoelmjeleeegmjmiibgpkecmccnnoa_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_protection_01_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_protection_01_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_protection_01_hao123_br"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\User 1\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User 1\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399F83} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E37CB5F0-51F5-4395-A808-5FA49E399F83} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{E37CB5F0-51F5-4395-A808-5FA49E399F83} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\extension@Fast_Free_Converter.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\User 1\Desktop\AMPED JAPAO.lnk - C:\CyberStep\GetAmpedX\amped.exe
C:\Users\User 1\Desktop\Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.2\Cheat Engine.exe
C:\Users\User 1\Desktop\Comprar suprimentos - HP Deskjet 1510 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 1510 series\Bin\hpqDTSS.exe
C:\Users\User 1\Desktop\DDTank.lnk - C:\Users\User 1\AppData\Roaming\337\DDTank\gamelogin.exe
C:\Users\User 1\Desktop\Dishonored - Atalho.lnk - C:\Program Files (x86)\Dishonored\Binaries\Win32\Dishonored.exe
C:\Users\User 1\Desktop\fraps - Atalho.lnk - C:\Fraps\fraps.exe
C:\Users\User 1\Desktop\Getamped 2014.lnk - C:\Users\User 1\oni\amped.exe
C:\Users\User 1\Desktop\GetAmped_BR.lnk - C:\CyberStep\GetAmped_BR\amped_launcher.exe
C:\Users\User 1\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User 1\Desktop\Grand Chase.lnk - C:\Levelup Games\Grand Chase\GrandChase.exe
C:\Users\User 1\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
C:\Users\User 1\Desktop\lf2 - Atalho.lnk - C:\Program Files (x86)\LittleFighter\lf2.exe
C:\Users\User 1\Desktop\Oracle VM VirtualBox (2).lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe
C:\Users\User 1\Desktop\Play PES 2014.lnk - C:\Games\Pro Evolution Soccer 2014\pes2014.exe
C:\Users\User 1\Desktop\PointBlank.lnk - C:\ongame\Pointblank\PBLauncher.exe
C:\Users\User 1\Desktop\vegas110 - Atalho.lnk - C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
C:\Users\User 1\Desktop\wmplayer - Atalho.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\User 1\Desktop\zsnesw - Atalho.lnk - C:\Users\User 1\Desktop\zsnesw151\zsnesw.exe
C:\Users\User 1\Desktop\mineraft com potter\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\User 1\Desktop\mineraft com potter\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Users\User 1\Desktop\zsnesw151\zsnesw - Atalho.lnk - C:\Users\User 1\Desktop\zsnesw151\zsnesw.exe
C:\Users\User 1\Desktop\ \3dSonicVoleyball.lnk -  
C:\Users\User 1\Desktop\ \Adobe Reader X (2).lnk -  
C:\Users\User 1\Desktop\ \Adobe Reader X.lnk -  
C:\Users\User 1\Desktop\ \avast Free Antivirus (2).lnk -  
C:\Users\User 1\Desktop\ \avast Free Antivirus.lnk -  
C:\Users\User 1\Desktop\ \Computador - Atalho.lnk -  
C:\Users\User 1\Desktop\ \ELSWORD.lnk -  
C:\Users\User 1\Desktop\ \Fraps_v3.5.9_Full(Registrado)[NFSU2_Blog] - Atalho (2).lnk -  
C:\Users\User 1\Desktop\ \Fraps_v3.5.9_Full(Registrado)[NFSU2_Blog] - Atalho.lnk -  
C:\Users\User 1\Desktop\ \Oracle VM VirtualBox.lnk -  
C:\Users\User 1\Desktop\ \Windows Live Messenger.lnk -  
C:\Users\User 1\Desktop\ \Dyego\DETRAN-PE - Prova Eletrônica (2).lnk -  
C:\Users\User 1\Desktop\ \Dyego\DETRAN-PE - Prova Eletrônica.lnk -  
C:\Users\User 1\Desktop\ \Dyego\Sony PC Companion 2.1.lnk -  
C:\Users\User 1\Desktop\ \Sonic deluxe\Play 3DSexVilla2.lnk -  

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
C:\Users\Public\Desktop\Bá V??ng Online.lnk -  
C:\Users\Public\Desktop\Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Users\Public\Desktop\Counter-Strike 1.6.lnk - C:\Program Files (x86)\Counter-Strike 1.6\cstrike.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Users\User 1\Daemon tools lite\DTLite.exe
C:\Users\Public\Desktop\GetAmped2_BR.lnk - C:\CyberStep\GetAmped2_BRSC\ga2.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\MorphVOX Junior.lnk - C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphVOXJr.exe
C:\Users\Public\Desktop\Opera.lnk - C:\Program Files (x86)\Opera\opera.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Tintii.lnk - C:\Program Files\indii.org\tintii\tintii.exe

==== shortcuts in Users Start Menu ======================

C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -startmenu
C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Uninstall.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 1510 series.lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=BR3AI1H14105XJ;CONNECTION=USB;MONITOR=1;

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download\4K Video Downloader.lnk - C:\Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Dragon\Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Dragon\Uninstall Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberStep, Inc\GetAmped2_BR\GetAmped2_BR.lnk - C:\CyberStep\GetAmped2_BRSC\ga2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberStep, Inc\GetAmped2_US\GetAmped2_US.lnk - C:\CyberStep\GetAmped2_US\ga2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee\MorphVOX Junior\MorphVOX Junior.lnk - C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphVOXJr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee\MorphVOX Junior\Uninstall MorphVOX Junior.lnk - C:\Windows\SysWOW64\msiexec.exe /x{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Acelerador de Downloads.lnk - C:\Program Files (x86)\Acelerador de Downloads\registro1.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CyberGhost VPN.lnk - C:\Program Files\CyberGhost VPN\CyberGhost.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk - C:\Program Files (x86)\FinalMediaPlayer\FinalMediaPlayer.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk - C:\Program Files (x86)\Free mp3 Wma Converter\FreeConverter\FreeConverter.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MapleStory.lnk - C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Opera.lnk - C:\Program Files (x86)\Opera\opera.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\wmplayer - Atalho.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GetAmped_BR.lnk - C:\CyberStep\GetAmped_BR\amped_launcher.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:49378;https=127.0.0.1:49378;"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\69f564b8-cdd4-4368-a860-1220161556ce deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\f463c52a-da74-416d-b21b-60ba1bf045a5 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9CEE579E-4EB0-5F9D-C5E2-BF828B360B2F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A21F2418-68FB-28F4-5CAA-6F75D679B9F8} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC40A3C4-CB37-CE38-39CA-9C4CFBCA73A4} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ngkdgphikkepnnefheniljdgolldgpld deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ngkdgphikkepnnefheniljdgolldgpld deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0E2E068B-E266-EAA6-DED1-C74744249D22} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AF992111-52BE-832B-5882-8477E4A3C99A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee for Microsoft PowerPoint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskmedia deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtectAll deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\User 1\AppData\Local\Mozilla\Firefox\Profiles\7wjtq2xo.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User 1\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1728 folders=408 381281714 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User 1\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\USER1~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on Tue 06/03/2014 at 18:10:02.26 ======================
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Ter 03 Jun 2014, 23:26

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 20:19, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO) ..

Mensagem por speed2050 em Qua 04 Jun 2014, 17:05

Bom power max , A mensagem do virus so aparece agora quando ligo o pc mas em compensação
minha internet está caindo muito e outra não reconecta quando cai , dai chamei o tecnico da minha internet
e ele falou que só formatando porem si eu seguir esses passos denovo que vc me deu agora significa que minha net vai cair denovo ?
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Qua 04 Jun 2014, 17:12

Ainda não terminamos a limpeza. Siga a dica que te passei na resposta acima e poste o relatório do Zoek.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)Estou..

Mensagem por speed2050 em Qua 04 Jun 2014, 17:44

Estou procurando um jeito mais facil de colocar em anexo os logs ...
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Qua 04 Jun 2014, 17:45

este tutorial abaixo mostra como anexar:
[Você precisa estar registrado e conectado para ver este link.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)nossa

Mensagem por speed2050 em Qua 04 Jun 2014, 18:06

Estou com problemas  pra anexar vai demorar um pouco , o sistema de anexo está dizendo que o espaço total de armazenamento foi ultrapassado . (espaço restante : 2kb) .
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Qua 04 Jun 2014, 18:07

Pode dividir o relatório em partes e depois postar as partes aqui no seu tópico.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)aqui

Mensagem por speed2050 em Qua 04 Jun 2014, 18:21

bom o metodo mais facil que eu achei de anexa-los foi postando eles num arquivo completo no 4shared
link : [Você precisa estar registrado e conectado para ver este link.]
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Qua 04 Jun 2014, 19:15

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 19:46, editado 2 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)aqui

Mensagem por speed2050 em Qua 04 Jun 2014, 19:40

O aviso começou a aparecer novamente porque eu reativei a conexão de internet (claro) paresse que o zoek
desativa a conexão com as configurações mas vamos aos logs :

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User 1 on Wed 06/04/2014 at 19:28:17.15.
Microsoft Windows 7 Ultimate  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User 1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-03-211002.log 62711 bytes
C:\zoek-results2014-06-04-202117.log 244238 bytes

==== System Restore Info ======================

6/4/2014 7:30:00 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu PC Faster 4.0.0.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\TrayIcon]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu Security not found
C:\ProgramData\Baidu Security not found
C:\Users\All Users\Baidu Security not found
C:\Users\User 1\AppData\Roaming\Baidu Security deleted

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2531 folders=856 553561217 bytes)

==== EOF on Wed 06/04/2014 at 19:32:20.75 ======================
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Qua 04 Jun 2014, 19:46

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 20:19, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)logs

Mensagem por speed2050 em Qua 04 Jun 2014, 20:15

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User 1 on Wed 06/04/2014 at 20:04:49.16.
Microsoft Windows 7 Ultimate  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User 1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-03-211002.log 62711 bytes
C:\zoek-results2014-06-04-202117.log 244238 bytes
C:\zoek-results2014-06-04-223220.log 6304 bytes

==== System Restore Info ======================

6/4/2014 8:05:41 PM Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2531 folders=856 553561217 bytes)

==== EOF on Wed 06/04/2014 at 20:06:37.09 ======================
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Qua 04 Jun 2014, 20:17

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)junk ware tools logs

Mensagem por speed2050 em Qua 04 Jun 2014, 20:39

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by User 1 on Wed 06/04/2014 at 20:26:19.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dropdowndeals_132013-14EC_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dropdowndeals_132013-14EC_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dropdowndeals_132013-14EC_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dropdowndeals_132013-14EC_RASMANCS



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\User 1\AppData\Roaming\mozilla\firefox\profiles\7wjtq2xo.default\minidumps [35 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 06/04/2014 at 20:32:40.94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max em Qua 04 Jun 2014, 20:41

Faça o download do < ZHPDiag > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

(RESOLVIDO)'-' part 1

Mensagem por speed2050 em Qua 04 Jun 2014, 20:58

tem algumas coisas improprias ai mas ignorem rçrçrç  :

~ Relatório do ZHPDiag v2014.5.30.78 - Nicolas Coolman  (5/30/2014)
~ Iniciado por User 1 (6/4/2014 8:48:37 PM)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 12.0
GCIE: Google Chrome v35.0.1916.114
OPIE: Opera v12.17

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit  (Build 7600)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v3.2.3.28705  =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 21

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4002.9 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 308 GB (66%) free of 466 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER1-PC
~ User Name: User 1
~ All Users Names: User 1, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User 1\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User 1\AppData\Roaming\
~ %Desktop% : C:\Users\User 1\Desktop\
~ %Favorites% : C:\Users\User 1\Favorites\
~ %LocalAppData% : C:\Users\User 1\AppData\Local\
~ %StartMenu% : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 308 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn AMs



---\\ Pesquisa particular de ficheiros genéricos
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Windows Explorer.) (.7/13/2009 - 10:39:10 PM.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.7/13/2009 - 10:39:52 PM.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Internet Extensions para Win32.) (.7/13/2009 - 10:41:56 PM.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.7/13/2009 - 10:39:52 PM.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.7/13/2009 - 10:41:54 PM.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.7/13/2009 - 8:21:42 PM.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/13/2009 - 10:52:21 PM.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/13/2009 - 8:19:47 PM.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.7/13/2009 - 8:19:54 PM.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.7/13/2009 - 8:23:44 PM.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.7/13/2009 - 9:06:13 PM.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.7/13/2009 - 8:19:57 PM.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.7/13/2009 - 9:10:03 PM.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.7/13/2009 - 8:24:00 PM.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.7/13/2009 - 8:21:29 PM.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.7/13/2009 - 10:48:27 PM.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.7/13/2009 - 9:00:41 PM.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.7/13/2009 - 9:10:12 PM.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.7/13/2009 - 9:18:02 PM.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.7/13/2009 - 9:09:09 PM.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.7/13/2009 - 8:21:15 PM.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.7/13/2009 - 10:45:55 PM.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes:  Scanned in 00mn AMs



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/15
~ Mes Videos (My Videos) : 1/65
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 2/253
~ Mon Bureau (My Desktop) : 3/4694
~ Menu demarrer (Programs) : 1/65
~ Hidden Files:  Scanned in 01mn AMs



---\\ Processos lançados
[MD5.CC78200C3ECFFA178E78308A0E160D80] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\User 1\AppData\Local\Akamai\netsession_win.exe   [4672920] [PID.2196]
[MD5.2F0DEB0C6413D9DEABFD95A950A422CD] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe   [3814736] [PID.3060]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.3916]
[MD5.92BC91BEB19BE1F03DB9664AD47120B2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe   [3888648] [PID.3924]
[MD5.EF175F7E495F0EEF516BE76A3F3D3011] - (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe   [1261248] [PID.4488]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8020480] [PID.4516]
~ Processes Running:  Scanned in 00mn AMs



---\\ Opera, Plugins,Arranque,Pesquisa (P1,B0,B1)
B0 - SPO: operaprefs.ini [User 1] Home URL=http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
~ Opera Browser: 1 Legitimates Filtered in 00mn AMs



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn AMs



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-br.xml
P2 - FPN: [HKCU] [BalancedWorlds.com/WebLauncher] - (.BalancedWorlds - web plugin used to launch client.) -- C:\Users\User 1\AppData\Local\Balanced Worlds\BWGameEngine\npWebLauncher.dll
~ Firefox Browser: 10 Legitimates Filtered in 00mn AMs



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>  =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:51715;https=127.0.0.1:51715;   =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn AMs



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn AMs



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn AMs
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) --  (.not file.)
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
~ Toolbar:  Scanned in 00mn AMs



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [User 1]: µTorrent.lnk . (...)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.)  =>P2P.µTorrent
O4 - GS\Desktop [User 1]: DDTank.lnk . (...)  -- C:\Users\User 1\AppData\Roaming\337\DDTank\gamelogin.exe (.not file.)  =>Hijacker.22Find
~ Global Startup: 2 Legitimates Filtered in 01mn AMs



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (.not file.)
O4 - HKCU\..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (.not file.)
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Users\User 1\Daemon tools lite\DTLite.exe   =>.DT Soft Ltd
O4 - HKCU\..\Run: [PSwitch] C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe (.not file.)
O4 - HKCU\..\Run: [VeodinKeyRocket] C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veodin\KeyRocket.appref-ms (.not file.)
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\User 1\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [ContentExplorer] . (.ContentExplorer - ContentExplorer.) -- C:\Users\User 1\AppData\Roaming\ContentExplorer\ContentExplorer.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKUS\.DEFAULT\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (.not file.)
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (.not file.)
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Users\User 1\Daemon tools lite\DTLite.exe   =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [PSwitch] C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe (.not file.)
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [VeodinKeyRocket] C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veodin\KeyRocket.appref-ms (.not file.)
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\User 1\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [ContentExplorer] . (.ContentExplorer - ContentExplorer.) -- C:\Users\User 1\AppData\Roaming\ContentExplorer\ContentExplorer.exe
~ Application:  Scanned in 00mn AMs



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn AMs



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] http.aeriagames.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn AMs



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D3C7E4D-846B-4760-938D-6A838DB7FEAE}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{5DBC025C-8AA2-4D58-83AF-99737ADFB624}: NameServer = 10.17.92.253 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{63589A80-2960-4539-9986-BC1B314358B4}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{63589A80-2960-4539-9986-BC1B314358B4}: DhcpNameServer = 172.31.1.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.31.1.1 8.8.8.8 8.8.4.4
~ Domain:  Scanned in 00mn AMs



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn AMs



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn AMs



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: WinFilter (03e661da) . (...) - c:\progra~3\winfil~1\WinFilterSvc.dll (.not file.)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) . (...) - C:\Windows\System32\viakaraokesrv.exe (.not file.)
~ Services: 12 Legitimates Filtered in 03mn AMs



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [Baidu PC Faster Service] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Baidu PC Faster Update] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Registry Optimizer] (...) -- C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{54A1D7F2-178E-4BF0-8CCC-6D5692CD7135}] (...) -- C:\Users\User 1\Desktop\Rodrigo\Jogos\Cleo snow\SnowFX V1.01\SnowFX-Setup-v101.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D7CB7C34-C82C-4E01-84DC-C7BD1FC12609}] (...) -- C:\Users\User 1\Downloads\PedalToTheMetalSetup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{E295344F-AB0A-4B74-806B-1C89D6B7B80B}] (...) -- C:\Users\User 1\Desktop\Rodrigo\Bus Driver\Bus Driver\busdriver_setup.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\Tasks\Final Media Player Update Checker.job   [412]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Final Media Player Update Checker   [412]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1064]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1068]
~ Scheduled Task: 22 Legitimates Filtered in 03mn AMs



---\\ Software instalados (042)
O42 - Logiciel: 3DSexVilla2 - (.ThriXXX.) [HKCU][64Bits] -- 3DSexVilla2
O42 - Logiciel: Acelerador de Downloads - (.Acelerador de Downloads.) [HKLM][64Bits] -- {33BB1D6F-2708-4B3F-92FC-639B9540F1A1}_is1
O42 - Logiciel: BMICalculator  - (...) [HKLM][64Bits] -- BMICalculator
O42 - Logiciel: Bomberman Online World 4.5 BR versão 4.5.0 - (...) [HKLM][64Bits] -- {8F9B6DF7-24F7-4F40-9F27-B76F8F2D1BEA}_is1
O42 - Logiciel: Bá Vương Online - (.PlayPark.vn.) [HKLM][64Bits] -- {45CCF4CB-EB83-4CE9-9D57-4D95C94A45C9}_is1
O42 - Logiciel: ContentExplorer - (.ContentExplorer.net.) [HKLM][64Bits] -- ContentExplorer
O42 - Logiciel: DETRAN-PE - Prova Eletrônica 4.1 - (.DETRAN-PE.) [HKLM][64Bits] -- {D529C0D9-C9D7-4E6E-82F1-66F1A821EAD6}_is1
O42 - Logiciel: DMO Egg Adder version 1.1 - (.Cheater, Inc..) [HKLM][64Bits] -- {69487137-DB13-4CDB-B7B1-5F800A9F19E9}_is1
O42 - Logiciel: Define Ext - (.DefineExt.com.) [HKCU][64Bits] -- Define Ext
O42 - Logiciel: EZ Macros - (...) [HKLM][64Bits] -- EZMacros
O42 - Logiciel: Efficient WMA MP3 Converter version 0.99.9.3 - (...) [HKLM][64Bits] -- Efficient WMA MP3 Converter_is1
O42 - Logiciel: GDMO - (...) [HKLM][64Bits] -- DMO
O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- a54e16f5d00985b6
O42 - Logiciel: Grand Chase - (.KOG.) [HKLM][64Bits] -- GrandChaseInstaller_is1
O42 - Logiciel: Little Fighter - (...) [HKLM][64Bits] -- Little Fighter
O42 - Logiciel: MuAwaY versão 97d+1.0 Custons Completo - (.MuAwaY, Inc..) [HKLM][64Bits] -- {36ABC48E-0DB5-4DA8-A6EE-1F491D2C563C}_is1
O42 - Logiciel: Paint XP version 1.1 - (.MSPAINTXP.COM.) [HKLM][64Bits] -- {2367FAB6-055A-4923-835F-F57F7BBBA363}_is1
O42 - Logiciel: Play Pickle Games Console - (.Play Turtle,LLC.) [HKCU][64Bits] -- PlayPickle
O42 - Logiciel: Responding Heads - (.AdSa Software Development.) [HKLM][64Bits] -- {72273B4F-D703-4F02-BB03-A5D04A30B260}
O42 - Logiciel: Sexy Beach 3 Platinum Pack - (.ILLUSION.) [HKLM][64Bits] -- {BE43FDDD-F003-494F-952A-69731FF82197}
O42 - Logiciel: Super nude patch 3 1.0 - (.Pandora sims.) [HKLM][64Bits] -- Super_nude_patch_II_1.0
O42 - Logiciel: TidyNetwork.com - (.TidyNetwork.com.) [HKCU][64Bits] -- TidyNetwork.com  =>Adware.TidyNetwork
O42 - Logiciel: Tintii - (...) [HKLM][64Bits] -- tintii
O42 - Logiciel: Warmux - (...) [HKLM][64Bits] -- Warmux
O42 - Logiciel: Zone4 Brasil - (...) [HKCU][64Bits] -- Zone4 Brasil
~ Logic: 46 Legitimates Filtered in 01mn AMs
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

(RESOLVIDO) '-' part 2

Mensagem por speed2050 em Qua 04 Jun 2014, 20:58

---\\ HKCU & HKLM Software Keys
[HKCU\Software\4kdownload.com]
[HKCU\Software\AI_RecycleBin]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\ContentExplorer]
[HKCU\Software\IncrediMail]
[HKCU\Software\Install]
[HKCU\Software\Misfit Code]
[HKCU\Software\Nimonix]
[HKCU\Software\ONGAME]
[HKCU\Software\Pando Networks]
[HKCU\Software\Pelikan13]
[HKCU\Software\RobloxReg]
[HKCU\Software\StudioQTRobloxReg]
[HKCU\Software\UltraDownloads.com.br]
[HKCU\Software\WrapApp]
[HKCU\Software\indii.org]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Define Ext]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\File Type Helper]
[HKLM\Software\Wow6432Node\ILLUSION]
[HKLM\Software\Wow6432Node\LessTabs]
[HKLM\Software\Wow6432Node\Level Up! Interactive]
[HKLM\Software\Wow6432Node\Level Up!]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\PlayPark]
[HKLM\Software\Wow6432Node\SK.Enhancer]  =>Adware.SurfAndKeep
[HKLM\Software\Wow6432Node\ZUpdater]
[HKLM\Software\Wow6432Node\indii.org]
~ Key Software: 537 Legitimates Filtered in 01mn AMs



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 6/3/2014 - 1:05:02 AM - [] ----D C:\Program Files (x86)\4KDownload
O43 - CFD: 10/14/2012 - 5:52:42 PM - [0] ----D C:\Program Files (x86)\Acelerador de Downloads
O43 - CFD: 1/13/2013 - 11:10:17 PM - [0] ----D C:\Program Files (x86)\BMICalculator
O43 - CFD: 5/23/2013 - 9:21:30 AM - [] ----D C:\Program Files (x86)\DETRAN-PE - Prova Eletrônica
O43 - CFD: 4/6/2014 - 12:45:11 AM - [0] ----D C:\Program Files (x86)\DMO Egg Adder
O43 - CFD: 2/13/2014 - 1:58:33 AM - [] ----D C:\Program Files (x86)\Efficient WMA MP3 Converter
O43 - CFD: 4/24/2014 - 1:15:46 AM - [] ----D C:\Program Files (x86)\FarCry 3
O43 - CFD: 2/2/2014 - 9:02:17 PM - [] ----D C:\Program Files (x86)\ONGAME
O43 - CFD: 4/2/2014 - 1:02:32 AM - [] ----D C:\Program Files (x86)\Paint XP
O43 - CFD: 7/19/2013 - 2:19:59 PM - [0] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 10/24/2013 - 10:57:05 PM - [] ----D C:\Program Files (x86)\PlayPark
O43 - CFD: 10/22/2013 - 1:23:41 PM - [] ----D C:\Program Files (x86)\Silent Hill Homecoming
O43 - CFD: 1/24/2014 - 6:06:42 PM - [0] ----D C:\Program Files (x86)\Speed Gear
O43 - CFD: 12/26/2012 - 11:56:34 PM - [] ----D C:\Program Files (x86)\Warmux
O43 - CFD: 1/13/2013 - 11:06:30 PM - [] ----D C:\Program Files (x86)\WrapApp
O43 - CFD: 10/12/2012 - 10:22:30 AM - [] ----D C:\ProgramData\levelup downloader
O43 - CFD: 8/6/2013 - 10:28:37 PM - [] ----D C:\Users\User 1\AppData\Roaming\BoneTown
O43 - CFD: 6/3/2014 - 1:11:45 AM - [] ----D C:\Users\User 1\AppData\Roaming\ContentExplorer
O43 - CFD: 6/3/2014 - 1:07:17 AM - [] ----D C:\Users\User 1\AppData\Local\4kdownload.com
O43 - CFD: 10/12/2012 - 2:05:49 AM - [] ----D C:\Users\User 1\AppData\Local\Balanced Worlds
O43 - CFD: 10/12/2012 - 10:22:30 AM - [] ----D C:\Users\User 1\AppData\Local\Level Up!
O43 - CFD: 2/24/2013 - 10:44:53 PM - [] ----D C:\Users\User 1\AppData\Local\Roblox
O43 - CFD: 2/16/2014 - 9:30:07 PM - [] ----D C:\Users\User 1\AppData\Local\Veodin
O43 - CFD: 2/13/2014 - 1:59:01 AM - [] ----D C:\Users\User 1\AppData\Local\WmaMp3-Converter.com
O43 - CFD: 4/2/2013 - 1:21:39 AM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3DSexVilla2
O43 - CFD: 8/5/2013 - 7:44:39 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Define Ext
O43 - CFD: 10/14/2012 - 11:51:30 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up!
O43 - CFD: 11/12/2013 - 9:56:41 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
O43 - CFD: 2/10/2014 - 9:39:09 AM - [0] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2 version 2.0a
O43 - CFD: 4/17/2013 - 6:29:50 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayPickle
O43 - CFD: 2/24/2013 - 10:08:23 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
O43 - CFD: 1/13/2013 - 11:09:10 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WrapApp
O43 - CFD: 2/2/2014 - 9:02:17 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zone4 Brasil
~ Program Folder: 291 Legitimates Filtered in 00mn AMs



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.42EA2023AEF7DF0700526FA93FA88488] - 6/3/2014 - 1:13:50 AM ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [85824]
O44 - LFC:[MD5.42AB71D1C7E65AF187961F70DEEA419D] - 6/3/2014 - 6:10:02 PM ---A- . (...) -- C:\zoek-results2014-06-03-211002.log   [62711]
O44 - LFC:[MD5.2919BBA38549DFC8AEFCAB6808502544] - 6/4/2014 - 5:21:17 PM ---A- . (...) -- C:\zoek-results2014-06-04-202117.log   [244238]
O44 - LFC:[MD5.B8CF08EA24052E288A826674DBA75EF7] - 6/4/2014 - 7:21:46 PM ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [127896]
O44 - LFC:[MD5.18903A5111917D01F4453D44C5A1EAC7] - 6/4/2014 - 7:21:46 PM ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [663606]
O44 - LFC:[MD5.BD7AE23A4476DF831A291F24425EB250] - 6/4/2014 - 8:06:37 PM ---A- . (...) -- C:\zoek-results.log   [1313]
~ Files: 14 Legitimates Filtered in 01mn AMs



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn AMs



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{7f401d78-b278-11e2-adaa-080027002c55}\AutoRun\command. (...) -- E:\Startme.exe (.not file.)
O51 - MPSK:{cc17553f-0e5c-11e3-a6f0-c89cdc4cca62}\AutoRun\command. (...) -- E:\Startme.exe (.not file.)
~ Keys:  Scanned in 00mn AMs



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Exetender  [Key] . (...) -- C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
~ SMSR Keys: 10 Legitimates Filtered in 00mn AMs



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn AMs



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn AMs



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:9/17/2012 - 7:58:30 PM R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [288688]
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [29208]  =>.ALWIL Software
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65776]  =>.ALWIL Software
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [208416]  =>.ALWIL Software
O58 - SDL:3/11/2014 - 12:14:02 AM ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [85824]
O58 - SDL:7/13/2009 - 10:47:48 PM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:6/10/2009 - 5:31:59 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:1/4/2012 - 8:01:58 PM ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\HssDrv.sys   [56832]
O58 - SDL:7/13/2009 - 10:45:55 PM ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:12/15/2011 - 8:29:42 PM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys   [31232]
O58 - SDL:8/20/2012 - 11:07:58 PM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901_openvpn_accl.sys   [37912]
O58 - SDL:1/4/2012 - 8:01:54 PM ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\taphss.sys   [37888]
O58 - SDL:7/15/2012 - 10:48:16 AM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tapoas.sys   [30720]
O58 - SDL:5/8/2013 - 9:52:48 AM ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys   [49536]
O58 - SDL:9/23/2013 - 12:20:50 PM ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
~ Drivers: 81 Legitimates Filtered in 03mn AMs



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn AMs



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 5/11/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
~ Legacy: 92 Legitimates Filtered in 00mn AMs



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn AMs



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
~ Keys:  Scanned in 00mn AMs



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn AMs



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][6/3/2014] (...) -- C:\Users\User 1\Desktop\zoek.exe   [1285120]
~ Files: 4 Legitimates Filtered in 00mn AMs



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{0D7D0FDF-20D9-4287-8B33-65391B0B540F}C:\users\user 1\downloads\utorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\user 1\downloads\utorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{26D3ED2D-8C4D-40C6-9A2D-C51D9DB91A1F}C:\users\user 1\downloads\utorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\user 1\downloads\utorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{DEB31190-A0D2-43DF-BE0F-07C43A8D0B01}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User 1\Downloads\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{E11B2A84-8FF1-4E74-AA86-71964E31921F}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User 1\Downloads\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 02mn AMs



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS:  - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn AMs



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D28CBC8B668D3C8643E65A22C3F86C3B] [WIS][4/18/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\f93f78.msi   [3673600]  =>PUP.SweetIM
~ WIS: 1 Legitimates Filtered in 03mn AMs



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASAPI32  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASMANCS  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FastFreeConverter_Somoto2_RASAPI32  =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FastFreeConverter_Somoto2_RASMANCS  =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASAPI32  =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASMANCS  =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_20120911_RASAPI32  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_20120911_RASMANCS  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASAPI32  =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASMANCS  =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\savings sidekick-bg_RASAPI32  =>Adware.GamePlayLabs
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\savings sidekick-bg_RASMANCS  =>Adware.GamePlayLabs
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz_RASAPI32  =>PUP.Duuqu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz_RASMANCS  =>PUP.Duuqu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeInstall_RASAPI32  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeInstall_RASMANCS  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Wajam_RocketFuelInstaller_RASAPI32  =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Wajam_RocketFuelInstaller_RASMANCS  =>PUP.Wajam
~ BTK: 833 Legitimates Filtered in 00mn AMs



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 7/10/1658 0 |  (03e661da) . (...) - c:\progra~3\winfil~1\WinFilterSvc.dll
SS - | Demand 12/21/2013 72704 |  (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Demand 5/14/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 4/26/2012 2438696 |  (CGVPNCliSrvc) . (.mobile concepts GmbH.) - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
SS - | Demand 12/18/2013 654848 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 10/10/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/10/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/16/2012 115168 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 7/10/1658 0 |  (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Auto 10/23/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 2/4/2013 155824 |  (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SS - | Auto 7/10/1658 0 |  (VIAKaraokeService) . (...) - C:\Windows\System32\viakaraokesrv.exe
SS - | Demand 7/10/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SS - | Disabled 7/13/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 5/10/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 5/11/2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 2/28/2006 229376 |  (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 5/21/2014 2135232 |  (DragonUpdater) . (...) - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
SR - | Auto 5/13/2014 2228048 |  (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 4/15/2014 377616 |  (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 12/20/2010 325656 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 7/20/2009 935208 |  (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 3/10/2010 189728 |  (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 12/20/2010 2656280 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 7/13/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 06mn AMs



---\\ Scâner Aditional (088)
Database Version : 13026 - (5/30/2014)
Clés trouvées (Keys found) : 26
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 2

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\TidyNetwork.com]   =>Adware.TidyNetwork^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}]   =>PUP.SpecialSavings
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =>PUP.SweetIM
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv]   =>Trojan.Adclicker
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\360Safe]   =>Trojan.Lozavita
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =>PUP.SweetIM^
[HKLM\Software\Wow6432Node\SK.Enhancer]   =>Adware.SurfAndKeep^
C:\Windows\Installer\f93f78.msi   =>PUP.SweetIM^
~ Additionnel Scan: 307517 Items scanned in 54mn AMs



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Proxy
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.22Find
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.TidyNetwork
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.SurfAndKeep
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.SweetIM
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.Bandoo
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.MegaSearch
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Funmoods
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.IMBooster
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.OptimizerPro
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.GamePlayLabs
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Duuqu
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.VisualBeeToolbar
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Wajam
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.SpecialSavings
[Você precisa estar registrado e conectado para ver este link.]  =>PUP.Tarma
[Você precisa estar registrado e conectado para ver este link.]  =>Trojan.Lozavita
~ MSI: 17 link(s) detected in 00mn AMs



~ 1045 Legitimates filtered by white list
End of the scan (638 lines in 34mn AMs)(0)
avatar
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Voltar ao Topo Ir em baixo

Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum