Delete CE_UmbrellaCert

Post by VanessaUva on Sat 07 Jun 2014, 13:40

Hello, I have a problem: an authorization certificate named CE_UmbrellaCert. A message keeps appearing on my notebook all the time since I formatted Windows 7. How do I delete it?
VanessaUva
Member

Posts: 62
Reputation: 0
Join date: 07/06/2014

Re: Delete CE_UmbrellaCert

Post by Power Max on Sat 07 Jun 2014, 14:43

Hi Vanessa. Welcome to Fórum PC Brasil.

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must be registered and logged in to see this link.]

To run AdwCleaner correctly, just follow the tips in this tutorial:

Remove malicious adware and toolbars with AdwCleaner

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.

_________________

Caixa de Dicas = Always with new tutorials and news on computing, technology and miscellany.

Fórum PC Brasil = The best of the internet you find here.

Super Links = Messages of faith and hope for your heart

Power Max
Contributor

Posts: 9086
Reputation: 1499
Join date: 14/04/2009

Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sat 07 Jun 2014, 20:20

# AdwCleaner v3.210 - Relatório criado 07/06/2014 às 20:14:25
# Atualizado 19/05/2014 por Xplode
# Sistema Operacional : Windows 7 Starter Service Pack 1 (32 bits)
# Usuário : Vanessa - VANESSA-PC
# Executando de : C:\Users\Vanessa\Downloads\adwcleaner-3-210-br [1].exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\Users\Vanessa\AppData\Roaming\AppCloudUpdater

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\AppCloudUpdater

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [4478 octets] - [01/06/2014 22:34:37]
AdwCleaner[R1].txt - [857 octets] - [01/06/2014 23:07:05]
AdwCleaner[R2].txt - [2510 octets] - [03/06/2014 20:04:36]
AdwCleaner[R3].txt - [1840 octets] - [03/06/2014 20:51:24]
AdwCleaner[R4].txt - [1466 octets] - [07/06/2014 20:05:42]
AdwCleaner[S0].txt - [4082 octets] - [01/06/2014 22:55:39]
AdwCleaner[S1].txt - [912 octets] - [01/06/2014 23:09:34]
AdwCleaner[S2].txt - [3251 octets] - [03/06/2014 20:07:30]
AdwCleaner[S3].txt - [2593 octets] - [03/06/2014 20:55:32]
AdwCleaner[S4].txt - [1378 octets] - [07/06/2014 20:14:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1438 octets] ##########

Re: Delete CE_UmbrellaCert

Post by Power Max on Sat 07 Jun 2014, 20:24

Temporarily disable your antivirus to avoid conflicts.

* Go to the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must be registered and logged in to see this link.]

To run it correctly, follow the tips in this tutorial:

Remove adware and other threats from your PC and browsers with the Zoek application

* Once it finishes cleaning up the problems, open the Zoek log (report), which will be at C:\zoek-results.txt, copy all of its content and post it in your next reply.


Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sat 07 Jun 2014, 21:16

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Vanessa on 07/06/2014 at 20:41:52,20.
Microsoft Windows 7 Starter  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vanessa\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-07-001758.log 20064 bytes
C:\zoek-results2014-06-07-005441.log 18218 bytes

==== System Restore Info ======================

07/06/2014 20:43:48 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [01/06/2014 02:55]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx[23/04/2014 17:50]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[01/06/2014 21:06]

Google Docs - Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vanessa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.asus.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.asus.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{1DCB58D2-7A20-42A8-AB4E-2B18C8CD4315} Google  Url="https://www.google.com/search?q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Vanessa\Desktop\Ares.lnk - C:\Program Files\Ares\Ares.exe
C:\Users\Vanessa\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe
C:\Users\Vanessa\Desktop\Windows Live Mail.lnk - C:\Program Files\Windows Live\Mail\wlmail.exe

==== shortcuts on All Users Desktop ======================


==== shortcuts in Users Start Menu ======================

C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe  -extoff

==== shortcuts in All Users Start Menu ======================


==== shortcuts in Quick Launch ======================


==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:49643;https=127.0.0.1:49643"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vanessa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3 folders=0 1132486 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Vanessa\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Vanessa\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 07/06/2014 at 21:12:57,09 ======================

Re: Delete CE_UmbrellaCert

Post by Power Max on Sat 07 Jun 2014, 21:22

Download ZHPDiag ( ... by Nicolas Coolman )

To install and run it correctly, follow the tips in this article:

ZHPDiag installation and execution tutorial

* Once it finishes its scan, copy the entire content of its ZHPDiag.txt report and post it in your next reply.


Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sat 07 Jun 2014, 22:00

I did everything, downloaded it and followed the tutorial, and nothing happened?

Try again.

Re: Delete CE_UmbrellaCert

Post by Power Max on Sat 07 Jun 2014, 22:06

When you run ZHPDiag as shown in the tutorial, it will generate a report; then just post that report here in your topic.


Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sat 07 Jun 2014, 22:25

~ Relatório do ZHPDiag v2014.6.7.86 - Nicolas Coolman  (07/06/2014)
~ Iniciado por Vanessa (07/06/2014 22:10:32)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Premier v9.0.2018
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.00

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 60

---\\ Informações sobre o sistema
~ Processor: x86 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1643 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 386 GB (87%) free of 441 GB

---\\ Modo de conexão ao sistema
~ Computer Name: VANESSA-PC
~ User Name: Vanessa
~ All Users Names: Vanessa, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Vanessa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Vanessa\AppData\Roaming\
~ %Desktop% : C:\Users\Vanessa\Desktop\
~ %Favorites% : C:\Users\Vanessa\Favorites\
~ %LocalAppData% : C:\Users\Vanessa\AppData\Local\
~ %StartMenu% : C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 386 Go of 441 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 43 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
~ Generic Processes:  Scanned in 00mn 01s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/3
~ Mes Favoris (My Favorites) : 1/8
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/22
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processos lançados
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] - (.ASUSTek Computer Inc. - ASUS FaceLogon Application.) -- C:\Program Files\ASUS\FaceLogon\sensorsrv.exe   [473728] [PID.3728]
[MD5.D9AB754613208112B840C75B6762B909] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe   [322176] [PID.3756]
[MD5.D5E4E7A2E8CC651ED737B4CF9515D225] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe   [1556128] [PID.3784]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe   [3058304] [PID.3812]
[MD5.1A536B01E64D26BED151C9BFA3EDCEB2] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe   [11430504] [PID.4032]
[MD5.127AF02665034C7EC6C5BCA8ADBA964D] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe   [1571432] [PID.3600]
[MD5.7EE22E13DEC8A6D18F4643C1EA34B0F0] - (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe   [984400] [PID.3212]
[MD5.C73B4E2F38CB43770845165FA5D1CCF6] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe   [1812264] [PID.3204]
[MD5.BC31B27061F27E8968CD0435C038F712] - (.ASUS - ATK Media.) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe   [174720] [PID.3720]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe   [105016] [PID.3964]
[MD5.B9BF29CC884BDD499803C3ED1F97FA41] - (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe   [2321072] [PID.3908]
[MD5.5CA0EB9538C6ACEBDC3593FC53527B9D] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe   [3890208] [PID.3464]
[MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [256896] [PID.2408]
[MD5.77B12692A434D2CAE7A7F623708E535D] - (.ContentExplorer - ContentExplorer.) -- C:\Users\Vanessa\AppData\Roaming\ContentExplorer\ContentExplorer.exe   [1063664] [PID.4024]
[MD5.02E572027CE8A839A4A2CFA496761C76] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe   [1602344] [PID.1532]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe   [2488888] [PID.4504]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe   [113208] [PID.4572]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe   [174648] [PID.4584]
[MD5.E56F39F6B7FDA0AC77A79B0FD3DE1A2F] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe   [42856] [PID.5448]
[MD5.103EB6A11590470DAF516D65718263C9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8065536] [PID.3152]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe   [3179520] [PID.6072]
~ Processes Running:  Scanned in 00mn 04s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 18 Legitimates Filtered in 00mn 08s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>  =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:51827;https=127.0.0.1:51827   =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll  =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar:  Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
O4 - HKLM\..\Run: [SonicMasterTray] . (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ATKOSD2] . (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] . (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKCU\..\Run: [ContentExplorer] . (.ContentExplorer - ContentExplorer.) -- C:\Users\Vanessa\AppData\Roaming\ContentExplorer\ContentExplorer.exe
O4 - HKCU\..\Run: [AppSafe] C:\Program Files\AppSafe\AppSafe.exe (.not file.)   =>PUP.AppSafe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1126362776-786306950-2991706988-1001\..\Run: [ContentExplorer] . (.ContentExplorer - ContentExplorer.) -- C:\Users\Vanessa\AppData\Roaming\ContentExplorer\ContentExplorer.exe
O4 - HKUS\S-1-5-21-1126362776-786306950-2991706988-1001\..\Run: [AppSafe] C:\Program Files\AppSafe\AppSafe.exe (.not file.)   =>PUP.AppSafe
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{09D8348D-03C1-40B8-B55D-0B25543C9965}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D96E37D9-C1F1-4220-9C7E-181774B81F82}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{09D8348D-03C1-40B8-B55D-0B25543C9965}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D96E37D9-C1F1-4220-9C7E-181774B81F82}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{09D8348D-03C1-40B8-B55D-0B25543C9965}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{D96E37D9-C1F1-4220-9C7E-181774B81F82}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [AppSafe] (...) -- C:\Program Files\AppSafe\AppSafe.exe (.not file.)   [0]  =>PUP.AppSafe
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT: AppSafe - (...) -- C:\Windows\Tasks\AppSafe.job   [244]  =>PUP.AppSafe
O39 - APT: AppSafe - (...) -- C:\Windows\System32\Tasks\AppSafe   [244]  =>PUP.AppSafe
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1066]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1070]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 08s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.2.8 - (.Seekar Ltd.) [HKLM] -- Ares
O42 - Logiciel: ContentExplorer - (.ContentExplorer.net.) [HKLM] -- ContentExplorer
~ Logic: 14 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\1stBrowser]
[HKCU\Software\Ares]
[HKCU\Software\Baidu Security]
[HKCU\Software\ContentExplorer]
[HKLM\Software\Baidu Security]
[HKLM\Software\Baidu_Drp_pos]
~ Key Software: 159 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/06/2014 - 16:12:03 - [] ----D C:\Program Files\Ares
O43 - CFD: 31/05/2014 - 19:27:20 - [] ----D C:\Program Files\Baidu Security
O43 - CFD: 31/05/2014 - 19:29:09 - [] ----D C:\ProgramData\Baidu Security
O43 - CFD: 31/05/2014 - 19:30:24 - [] ----D C:\Users\Vanessa\AppData\Roaming\Baidu Security
O43 - CFD: 31/05/2014 - 19:40:07 - [] ----D C:\Users\Vanessa\AppData\Roaming\ContentExplorer
O43 - CFD: 31/05/2014 - 19:41:21 - [] ----D C:\Users\Vanessa\AppData\Local\1stBrowserUninstall
O43 - CFD: 03/06/2014 - 16:12:11 - [] ----D C:\Users\Vanessa\AppData\Local\Ares
~ Program Folder: 127 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/06/2014 - 02:22:20 ---A- . (...) -- C:\Windows\AsRunBar.txt   [0]
O44 - LFC:[MD5.B2882D6E82F50055279EBD9CC385B215] - 01/06/2014 - 02:22:20 ---A- . (...) -- C:\Windows\AsToolCDVer.txt   [31]
O44 - LFC:[MD5.F735CA9865575F95BEF73BD6D1C040A9] - 01/06/2014 - 02:31:16 ---A- . (...) -- C:\Windows\System32\Drivers\RTAIODAT.DAT   [150996]
O44 - LFC:[MD5.7FD1956E221C3750E0532A48E8EDD305] - 01/06/2014 - 02:32:48 ---A- . (.No owner - About Page.) -- C:\Windows\System32\RtNicProp32.dll   [80416]
O44 - LFC:[MD5.F862CD08F1AD4EE39BD506853F3C6103] - 01/06/2014 - 19:30:45 ---A- . (...) -- C:\Windows\System32\ieuinit.inf   [16284]
O44 - LFC:[MD5.4D6C6E0505A8E5A0656DCB223497D37C] - 01/06/2014 - 21:07:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [24184]
O44 - LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] - 01/06/2014 - 22:36:04 ---A- . (.SQLite Development Team - SQLite Dynamic Link Library (No TCL).) -- C:\Windows\System32\sqlite3.dll   [536576]
O44 - LFC:[MD5.46FB1219B751CD2E17E96ACE4FF52E15] - 03/06/2014 - 15:14:57 ---A- . (...) -- C:\Windows\System32\AutoRunFilter.ini   [1784]
O44 - LFC:[MD5.A6799D0F42122C0D1E28655C10DB2707] - 03/06/2014 - 18:01:52 ---A- . (...) -- C:\AVScanner.ini   [30]
O44 - LFC:[MD5.EADC31F2244A9B67EAB9D62A74A9CDF3] - 03/06/2014 - 20:11:22 ---A- . (...) -- C:\Windows\System32\ServiceFilter.ini   [1563]
O44 - LFC:[MD5.08C26168D0103E6FCEC7898F4AC1F004] - 06/06/2014 - 21:17:58 ---A- . (...) -- C:\zoek-results2014-06-07-001758.log   [20064]
O44 - LFC:[MD5.EB74BA482FEA668A40E9FAD1EEF9BBE8] - 06/06/2014 - 21:54:41 ---A- . (...) -- C:\zoek-results2014-06-07-005441.log   [18218]
O44 - LFC:[MD5.F71912F2948EE3E70D1F3F73BBD92CF9] - 07/06/2014 - 00:05:15 ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [148042]
O44 - LFC:[MD5.D7EB859E82784A6AAFC10D6C3BAC8C55] - 07/06/2014 - 00:05:15 ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [706460]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 07/06/2014 - 20:41:39 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 07/06/2014 - 21:12:50 ---A- . (...) -- C:\Windows\System32\acovcnt.exe   [45056]
O44 - LFC:[MD5.3378121CD9C48BCED66D2FB0A32B466C] - 07/06/2014 - 21:12:57 ---A- . (...) -- C:\zoek-results.log   [18327]
O44 - LFC:[MD5.8A18A6FA701419BCE2498DAEEEE1E2D5] - 31/05/2014 - 09:35:20 ---A- . (...) -- C:\Windows\System32\Defrag.ini   [80]
O44 - LFC:[MD5.CA70DBD97CE6C95F18A23D80EA72E673] - 31/05/2014 - 13:21:27 ---A- . (...) -- C:\BurnHelp.txt   [102]
O44 - LFC:[MD5.BE125797A510CD7E9E77D0D79CB989EF] - 31/05/2014 - 19:29:21 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys   [47456]
O44 - LFC:[MD5.8CDA2CDD172AAEEF83FB5CF46EE5D90F] - 31/05/2014 - 21:36:41 ---A- . (...) -- C:\Windows\System32\athrext.cat   [53914]
O44 - LFC:[MD5.A6ADD146A46143F508FC021227A07A35] - 31/05/2014 - 21:36:41 ---A- . (...) -- C:\Windows\System32\netathr.inf   [329017]
O44 - LFC:[MD5.2C63645F206122DE42BC73BB337CD225] - 31/05/2014 - 21:38:15 ---A- . (...) -- C:\Windows\System32\atiapfxx.blb   [219112]
O44 - LFC:[MD5.0E2A6EBBCC5ED9E852934359EE1A9103] - 31/05/2014 - 21:38:15 ---A- . (...) -- C:\Windows\System32\atiicdxx.dat   [608507]
O44 - LFC:[MD5.64A0869F18560CD529120ADE00155C3E] - 31/05/2014 - 21:38:16 ---A- . (...) -- C:\Windows\System32\atipblag.dat   [3917]
O44 - LFC:[MD5.6A7A1160F6E677AF27E33DCB133F0C93] - 31/05/2014 - 21:38:16 ---A- . (...) -- C:\Windows\System32\atiumdva.cap   [2097056]
O44 - LFC:[MD5.192D37601A9C31999FA5B69B4398FBB0] - 31/05/2014 - 21:38:16 ---A- . (...) -- C:\Windows\System32\ativvsva.dat   [157152]
O44 - LFC:[MD5.8E4F8390AB050975FCA31A5D638E016B] - 31/05/2014 - 21:38:16 ---A- . (...) -- C:\Windows\System32\ativvsvl.dat   [204960]
O44 - LFC:[MD5.AC08DA52E8D6F00FE07543B875C193D1] - 31/05/2014 - 21:38:16 ---A- . (...) -- C:\Windows\atiogl.xml   [36338]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 31/05/2014 - 21:42:42 ---A- . (...) -- C:\Windows\ativpsrm.bin   [0]
O44 - LFC:[MD5.15EE685FB3C75B74B64EDE541BAE3E1F] - 31/05/2014 - 21:45:04 ---A- . (...) -- C:\Windows\System32\wimfltr.inf   [3116]
O44 - LFC:[MD5.7574F6C8435D938D76BDFE3265D7CEDD] - 31/05/2014 - 21:47:01 ---A- . (...) -- C:\Windows\System32\BootTime.ini   [15]
O44 - LFC:[MD5.52381FDE432424AD640A0CADD6ECF35D] - 31/05/2014 - 21:47:01 ---A- . (...) -- C:\Windows\System32\RemoveFont.ini   [52]
O44 - LFC:[MD5.E4787D99FC0EDD5B8842478A56BB835A] - 31/05/2014 - 21:47:12 ---A- . (.ScreenTime Media - ScreenTime Screensaver Engine.) -- C:\Windows\System32\ASUS_Screensaver.scr   [520192]
O44 - LFC:[MD5.B54D24F465E1B66CAE29602E5B5613E1] - 31/05/2014 - 21:50:08 ---A- . (...) -- C:\Windows\AsChkDev.txt   [64050]
~ Files: 472 Legitimates Filtered in 00mn 21s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:01/06/2014 - 21:07:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [24184]  =>.ALWIL Software
O58 - SDL:01/06/2014 - 21:07:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [49944]  =>.ALWIL Software
O58 - SDL:01/06/2014 - 21:07:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [180632]  =>.ALWIL Software
O58 - SDL:11/03/2014 - 00:14:02 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys   [47456]
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:31/12/2010 - 07:30:32 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys   [116008]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:20/07/2009 - 06:29:40 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys   [13880]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 90 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 22/03/2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag)  .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 01/06/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 11/03/2014 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase)  .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 134 Legitimates Filtered in 00mn 01s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <1stBrowser.EC7VJY6JTOCNNPJU7SRZPA3E7A> <FirstBrowser>[HKLM\..\Shell\open\Command] (...) -- C:\Users\Vanessa\AppData\Local\1stBrowser\Application\1stbrowser.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {1DCB58D2-7A20-42A8-AB4E-2B18C8CD4315} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.4619DD43A31A4585527C7A27CA46BBDE] [SPRF][07/06/2014] (...) -- C:\Users\Vanessa\AppData\Roaming\sp_data.sys   [380]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.33492D075AAC7CE1D12E83843F5242C0] [WIS][01/06/2014] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\1b03ea.msi   [28672]  =>Toolbar.Google
[MD5.0E4185F75C1394897DB73CCC3368CA4B] [WIS][11/06/2012] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\9b683.msi   [475136]  =>Toolbar.Bing
~ WIS: 2 Legitimates Filtered in 00mn 06s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32  =>Toolbar.Bing
HKLM\SOFTWARE\Microsoft\Tracing\googletoolbarinstaller_en_signed_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\googletoolbarinstaller_en_signed_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\VOPackage_RASAPI32  =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\VOPackage_RASMANCS  =>Adware.Downware
~ BTK: 102 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar)  =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper)  =>Toolbar.Google
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper)  =>Toolbar.Bing
~ BCK: 5417 Legitimates Filtered in 00mn 25s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/06/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/06/2012 193616 |  (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe  =>Toolbar.Bing
SS - | Auto 23/02/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/02/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 01/06/2014 194032 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 03/04/2014 315008 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 08/05/2014 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 25/01/2011 303744 |  (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 21/03/2012 163328 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 22/03/2012 291840 |  (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 21/11/2011 80512 |  (ASLDRService) . (.ASUS.) - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 21/11/2011 96896 |  (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 01/06/2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 01/06/2014 109048 |  (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Demand 11/06/2012 240208 |  (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe  =>Toolbar.Bing
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 27s



---\\ Scâner Aditional (088)
Database Version : 13026 - (07/06/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 7

[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
[HKLM\Software\Classes\IminentHTM.EC7VJY6JTOCNNPJU7SRZPA3E7A]   =>Adware.IMBooster
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}   =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:AppSafe   =>PUP.AppSafe^
C:\Windows\Tasks\AppSafe.job   =>PUP.AppSafe^
C:\Windows\System32\Tasks\AppSafe   =>PUP.AppSafe^
C:\Windows\Installer\1b03ea.msi   =>Toolbar.Google^
C:\Windows\Installer\9b683.msi   =>Toolbar.Bing^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar)   =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper)   =>Toolbar.Google^
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper)   =>Toolbar.Bing^
~ Additionnel Scan: 212304 Items scanned in 01mn 37s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Google Chrome, Extensions (G2)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Internet Explorer, Proxy Management (R5)
~ AMI: 2 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Proxy
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.Downware
[Você precisa estar registrado e conectado para ver este link.]  =>Adware.IMBooster
~ MSI: 3 link(s) detected in 00mn 00s



~ 1146 Legitimates filtered by white list
End of the scan (504 lines in 04mn 12s)(0)

Re: Delete CE_UmbrellaCert

Post by Power Max on Sat 07 Jun 2014, 22:51

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

Choosing Programs That Start with the PC

Preferably, let only security programs (antivirus/anti-spyware/firewall) start along with Windows.

Also use the program CCleaner, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
____________________________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Import (Importação) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply.


Last edited by Power Max on Sun 08 Jun 2014, 00:25; edited 1 time


Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sat 07 Jun 2014, 23:26

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Vanessa at 07/06/2014 23:21:57
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 15s)
Reparação de atalhos do navegador

========== Softwares ==========
AUSENTE Uninstall Process: c:\users\vanessa\appdata\roaming\contentexplorer\uninstall.exe

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContentExplorer]
ELIMINÉ: HKCU\Software\1stBrowser
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\ContentExplorer
ELIMINÉ: HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Baidu_Drp_pos
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\VOPackage_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\VOPackage_RASMANCS
ELIMINÉ: HKLM\Software\Classes\IminentHTM.EC7VJY6JTOCNNPJU7SRZPA3E7A

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\users\vanessa\appdata\roaming\contentexplorer\contentexplorer.exe
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ Temporários windows (5) (19.839 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: AppSafe

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Outros ==========
NÃO-TRATADO _________________________________________________________________________


========== Recapitulativo ==========
9 : Chaves do Registo
6 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
4 : Ficheiros
1 : Softwares
1 : Estado dos serviços
1 : Tarefa planificada
1 : Restauração Sistema
1 : Outros


End of clean in 02mn 15s

========== Caminho do ficheiro do relatório ==========
C:\Users\Vanessa\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/06/2014 23:22:13 [2284]

Re: Delete CE_UmbrellaCert

Post by Power Max on Sat 07 Jun 2014, 23:30

Open ZHPDiag again.

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report.


Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sat 07 Jun 2014, 23:44

~ Relatório do ZHPDiag v2014.6.7.86 - Nicolas Coolman  (07/06/2014)
~ Iniciado por Vanessa (07/06/2014 23:36:00)
~ Endereço do Website : [You need to be registered and logged in to see this link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17107
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
avast! Premier v9.0.2018
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema
CCleaner v4.00

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 60

---\\ Informações sobre o sistema
~ Processor: x86 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1643 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 386 GB (87%) free of 441 GB

---\\ Modo de conexão ao sistema
~ Computer Name: VANESSA-PC
~ User Name: Vanessa
~ All Users Names: Vanessa, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Vanessa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Vanessa\AppData\Roaming\
~ %Desktop% : C:\Users\Vanessa\Desktop\
~ %Favorites% : C:\Users\Vanessa\Favorites\
~ %LocalAppData% : C:\Users\Vanessa\AppData\Local\
~ %StartMenu% : C:\Users\Vanessa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 386 Go of 441 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 43 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
~ Generic Processes:  Scanned in 00mn 02s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/3
~ Mes Favoris (My Favorites) : 1/8
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/22
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processos lançados
[MD5.D4A8B3FB5AB83A59785F31E8D581E418] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe   [163328] [PID.876]
[MD5.134ED6E453BC9865BDA781DFF8562C20] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe   [404992] [PID.1256]
[MD5.96E9755560BD21DB05A1228A3BF06529] - (.ASUSTeK Computer Inc. - ASUS FastBoot.) -- C:\Windows\system32\FBAgent.exe   [303744] [PID.1496]
[MD5.A3626C6D3F2DC95497F3F61842D7FD89] - (.ASUS - ASLDR Service.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe   [80512] [PID.1524]
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe   [96896] [PID.1600]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [50344] [PID.1632]
[MD5.55FF0FFE359702D2E2B99DF5CBB3DD06] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe   [109048] [PID.1992]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1324]
[MD5.41363F48254A202F1F71131EC3B5F00E] - (.Advanced Micro Devices, Inc. - AMD Fuel Service.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe   [291840] [PID.1788]
[MD5.19D34534176E62F35DDB7DC7B7FF2A87] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe   [207528] [PID.2348]
[MD5.1AEBDC693C74EA55FE05D51FA6573EBC] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe   [523944] [PID.2540]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe   [822504] [PID.2780]
[MD5.20DDC9CED8BC8390138F3187E0FF7411] - (.ASUSTek Computer Inc. - HControl.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe   [174720] [PID.3268]
[MD5.645B944C1FE69A4714DBD60B97114EAD] - (.ASUS - Power4Gear Hybrid.) -- C:\Program Files\ASUS\P4G\BatteryLife.exe   [889264] [PID.3536]
[MD5.64A7C84C0A8C79B22033F92D43919062] - (.ASUS - ACMON.) -- C:\Program Files\ASUS\Splendid\ACMON.exe   [102568] [PID.3564]
[MD5.98CADC34741738CFC24F5CDFDAA408FA] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\System32\ACEngSvr.exe   [162456] [PID.3664]
[MD5.6B3BA5BB455D7A4FD16B697B8F73858F] - (.ASUSTek Computer Inc. - ASUS FaceLogon Application.) -- C:\Program Files\ASUS\FaceLogon\sensorsrv.exe   [473728] [PID.3728]
[MD5.D9AB754613208112B840C75B6762B909] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe   [322176] [PID.3756]
[MD5.D5E4E7A2E8CC651ED737B4CF9515D225] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe   [1556128] [PID.3784]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe   [3058304] [PID.3812]
[MD5.1A536B01E64D26BED151C9BFA3EDCEB2] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe   [11430504] [PID.4032]
[MD5.127AF02665034C7EC6C5BCA8ADBA964D] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe   [1571432] [PID.3600]
[MD5.7EE22E13DEC8A6D18F4643C1EA34B0F0] - (.Virage Logic Corporation / Sonic Focus - ASUS_MATray.exe.) -- C:\Program Files\ASUS\ASUS Sonic Focus\SonicFocusTray.exe   [984400] [PID.3212]
[MD5.C73B4E2F38CB43770845165FA5D1CCF6] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe   [1812264] [PID.3204]
[MD5.BC31B27061F27E8968CD0435C038F712] - (.ASUS - ATK Media.) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe   [174720] [PID.3720]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe   [105016] [PID.3964]
[MD5.B9BF29CC884BDD499803C3ED1F97FA41] - (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe   [2321072] [PID.3908]
[MD5.5CA0EB9538C6ACEBDC3593FC53527B9D] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe   [3890208] [PID.3464]
[MD5.EDAD4A8A1D46AFCF9E76B996D55116EB] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [256896] [PID.2408]
[MD5.77B12692A434D2CAE7A7F623708E535D] - (.ContentExplorer - ContentExplorer.) -- C:\Users\Vanessa\AppData\Roaming\ContentExplorer\ContentExplorer.exe   [1063664] [PID.4024]
[MD5.02E572027CE8A839A4A2CFA496761C76] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe   [1602344] [PID.1532]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe   [2488888] [PID.4504]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe   [113208] [PID.4572]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe   [174648] [PID.4584]
[MD5.E56F39F6B7FDA0AC77A79B0FD3DE1A2F] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe   [42856] [PID.5448]
[MD5.103EB6A11590470DAF516D65718263C9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8065536] [PID.5540]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Serviço da Plataforma de Proteção de Softwa.) -- C:\Windows\system32\sppsvc.exe   [3179520] [PID.5612]
~ Processes Running:  Scanned in 00mn 04s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Vanessa\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 13 Legitimates Filtered in 00mn 04s



---\\ Internet Explorer, Arranque, Pesquisa, URLSearchHook( gancho de URL), Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You need to be registered and logged in to see this link.]
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>  =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54652;https=127.0.0.1:54652   =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management:  Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll  =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar:  Scanned in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{09D8348D-03C1-40B8-B55D-0B25543C9965}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D96E37D9-C1F1-4220-9C7E-181774B81F82}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{09D8348D-03C1-40B8-B55D-0B25543C9965}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{D96E37D9-C1F1-4220-9C7E-181774B81F82}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{09D8348D-03C1-40B8-B55D-0B25543C9965}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{D96E37D9-C1F1-4220-9C7E-181774B81F82}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1066]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1070]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 06s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.2.8 - (.Seekar Ltd.) [HKLM] -- Ares
~ Logic: 13 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
~ Key Software: 152 Legitimates Filtered in 00mn 01s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/06/2014 - 16:12:03 - [] ----D C:\Program Files\Ares
O43 - CFD: 07/06/2014 - 23:21:53 - [] ----D C:\Users\Vanessa\AppData\Roaming\ContentExplorer
O43 - CFD: 03/06/2014 - 16:12:11 - [] ----D C:\Users\Vanessa\AppData\Local\Ares
~ Program Folder: 123 Legitimates Filtered in 00mn 01s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
~ Files: 468 Legitimates Filtered in 00mn 23s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\ContentExplorer  [Key] . (.ContentExplorer - ContentExplorer.) -- C:\Users\Vanessa\AppData\Roaming\ContentExplorer\ContentExplorer.exe
~ SMSR Keys: 14 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:01/06/2014 - 21:07:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [24184]  =>.ALWIL Software
O58 - SDL:01/06/2014 - 21:07:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [49944]  =>.ALWIL Software
O58 - SDL:01/06/2014 - 21:07:01 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [180632]  =>.ALWIL Software
O58 - SDL:13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [453712]
O58 - SDL:31/12/2010 - 07:30:32 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys   [116008]
O58 - SDL:13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [26624]
O58 - SDL:20/07/2009 - 06:29:40 ---A- . (.No owner - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys   [13880]
O58 - SDL:13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [21072]
O58 - SDL:13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 89 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 22/03/2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag)  .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 01/06/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 18/04/1744 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase) .(...) - LEGACY_BHBASE
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 134 Legitimates Filtered in 00mn 01s



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <1stBrowser.EC7VJY6JTOCNNPJU7SRZPA3E7A> <FirstBrowser>[HKLM\..\Shell\open\Command] (...) -- C:\Users\Vanessa\AppData\Local\1stBrowser\Application\1stbrowser.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {1DCB58D2-7A20-42A8-AB4E-2B18C8CD4315} - (Google) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys:  Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.4619DD43A31A4585527C7A27CA46BBDE] [SPRF][07/06/2014] (...) -- C:\Users\Vanessa\AppData\Roaming\sp_data.sys   [380]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.33492D075AAC7CE1D12E83843F5242C0] [WIS][01/06/2014] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\1b03ea.msi   [28672]  =>Toolbar.Google
[MD5.0E4185F75C1394897DB73CCC3368CA4B] [WIS][11/06/2012] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\9b683.msi   [475136]  =>Toolbar.Bing
~ WIS: 2 Legitimates Filtered in 00mn 06s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASAPI32  =>Toolbar.Bing
HKLM\SOFTWARE\Microsoft\Tracing\googletoolbarinstaller_en_signed_RASAPI32  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\googletoolbarinstaller_en_signed_RASMANCS  =>Toolbar.Google
HKLM\SOFTWARE\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32  =>Toolbar.Google
~ BTK: 100 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar)  =>Toolbar.Google
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper)  =>Toolbar.Google
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper)  =>Toolbar.Bing
~ BCK: 5417 Legitimates Filtered in 00mn 24s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 05/06/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 11/06/2012 193616 |  (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe  =>Toolbar.Bing
SS - | Auto 23/02/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 23/02/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 01/06/2014 194032 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 03/04/2014 315008 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 08/05/2014 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 25/01/2011 303744 |  (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 21/03/2012 163328 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 22/03/2012 291840 |  (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 21/11/2011 80512 |  (ASLDRService) . (.ASUS.) - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 21/11/2011 96896 |  (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 01/06/2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 01/06/2014 109048 |  (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Demand 11/06/2012 240208 |  (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe  =>Toolbar.Bing
SR - | Auto 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 27s



---\\ Scâner Aditional (088)
Database Version : 13026 - (07/06/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 5

[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}   =>Toolbar.Google^
C:\Windows\Installer\1b03ea.msi   =>Toolbar.Google^
C:\Windows\Installer\9b683.msi   =>Toolbar.Bing^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar)   =>Toolbar.Google^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper)   =>Toolbar.Google^
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper)   =>Toolbar.Bing^
~ Additionnel Scan: 212063 Items scanned in 01mn 34s



---\\ Informações complémentaires do módulos
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Google Chrome, Extensions (G2)
~ [Você precisa estar registrado e conectado para ver este link.]  =>.Internet Explorer, Proxy Management (R5)
~ AMI: 2 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.]  =>Hijacker.Proxy
~ MSI: 1 link(s) detected in 00mn 00s

Re: Delete CE_UmbrellaCert

Post by Power Max on Sat 07 Jun 2014, 23:51

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.

Copy this report and post it in your next reply, and tell us how the PC is after this.


Last edited by Power Max on Sun 08 Jun 2014, 00:25; edited 1 time


Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sun 08 Jun 2014, 00:03

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Vanessa at 08/06/2014 00:00:31
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 03s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
BHBASE Parado

========== Chaves do Registo ==========
ELIMINÉ:  StartupReg: ContentExplorer

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\users\vanessa\appdata\roaming\contentexplorer\contentexplorer.exe
ELIMINÉ Temporários windows (1) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Outros ==========
NÃO-TRATADO ___________________


========== Recapitulativo ==========
1 : Chaves do Registo
6 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
3 : Ficheiros
1 : Estado dos serviços
1 : Restauração Sistema
1 : Outros


End of clean in 59mn 17s

========== Caminho do ficheiro do relatório ==========
C:\Users\Vanessa\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/06/2014 23:22:13 [2366]
C:\Users\Vanessa\AppData\Roaming\ZHP\ZHPFix[R2].txt - 08/06/2014 00:00:35 [1589]

Re: Delete CE_UmbrellaCert

Post by Power Max on Sun 08 Jun 2014, 00:05

Restart the PC so that ZHP can finish cleaning up the problems, and after that tell us how the PC is.


Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sun 08 Jun 2014, 00:21

Thank you! The CE_Umbrella message has disappeared.

Re: Delete CE_UmbrellaCert

Post by Power Max on Sun 08 Jun 2014, 00:24

That's it! I'm glad the problem has been solved.

Just to finish up, please follow the tutorials below:

Malwarebytes Anti-Malware tutorial

Removing errors and optimizing your PC with CCleaner

Remove useless files from your PC with PureRa
_______________________________________________________________________________________________________________________

To remove the programs used to clean this PC and create a new, safe, problem-free restore point, use DelFix, following the tips in this tutorial.
_______________________________________________________________________________________________________________________

It was a pleasure to help. You can always count on us!


Re: Delete CE_UmbrellaCert

Post by VanessaUva on Sun 08 Jun 2014, 00:29

Thank you!!

Re: Delete CE_UmbrellaCert

Post by Danii on Sun 08 Jun 2014, 10:18

CASE RESOLVED

If the topic's author needs it, the topic will be reopened; to do so, she should contact a member of the Moderation Team and request that it be unlocked.