Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.

Implementa recursos de segurança e limpeza ao computador!

Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14810 usuários registrados
O último membro registrado é Josevinil

Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por joram Seg 01 Abr 2024, 06:35

Quem está conectado?
11 usuários online :: 0 registrados, 0 invisíveis e 11 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 

Rechercher Pesquisa avançada

Top dos mais postadores
Power Max
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
joram
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
Wings [In Memoriam]
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
caedurodrigues
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
Amigo Brasileiro
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
luizvilarinho
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
Danii
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
Admin
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
Danilo Marsaro
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 
Andreata
CE_UmbrellaCert como remove-lo ? Vote_lcapCE_UmbrellaCert como remove-lo ? Voting_barCE_UmbrellaCert como remove-lo ? Vote_rcap 

maio 2024
SegTerQuaQuiSexSábDom
  12345
6789101112
13141516171819
20212223242526
2728293031  

Calendário Calendário

Palavras-chaves

placa  impressora  2015  2025  video  vídeos  popup  deletar  SISPNCD  flash  instalação  game  virus  2013  mcafee  windows  PARA  teclado  excluir  desinstalar  player  áudio  SOFTWARE  adobe  pessoas  notebook  


CE_UmbrellaCert como remove-lo ?

3 participantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

Página 1 de 2 1, 2  Seguinte

Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty CE_UmbrellaCert como remove-lo ?

Mensagem por speed2050 Ter 03 Jun 2014, 17:06

Boa tarde meu nome é rodrigo e estou com o problema do CE_UmbrellaCert ,
se me lembro bem foi um dia após eu instalar o Coreldraw x6 no site The Pirate Bay ,  
Eu vi varios casos do " CE_UmbrellaCert" e baixei o Adwcleaner como vi no seu topico ajudando outros membros
com o mesmo problema . e fiz um scan rapido (examinar) e cliquei em limpar , log :
em seguida parei na pagina do zoek , Estou com medo de perder algum arquivo importante , ou alguma coisa
que faça meu windows parar de funcionar , pois esse meu computador é novinho e trabalha com o windows original então eu vim aqui pedir ajuda pra vocês   tongue  espero que possam me ajudar desde já obrigado !
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Ter 03 Jun 2014, 17:08

Olá Rodrigo.

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que está em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO) Tamanho

Mensagem por speed2050 Ter 03 Jun 2014, 17:12

O log é tão grande que eu não consigui anexar , é de 9 mb o anexo :c
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO) Part1

Mensagem por speed2050 Ter 03 Jun 2014, 17:19

[#] Serviço Deletada : DefaultTabSearch
[#] Serviço Deletada : FastFreeConverterUpdt
Serviço Deletada : Yontoo Desktop Updater

***** [ Arquivos / Pastas ] *****

[!] Pasta Deletada : C:\ProgramData\Ask
[!] Pasta Deletada : C:\ProgramData\Babylon
[!] Pasta Deletada : C:\ProgramData\Free Ride Games
[!] Pasta Deletada : C:\ProgramData\QuickSet
[!] Pasta Deletada : C:\ProgramData\SuperbApp
[!] Pasta Deletada : C:\ProgramData\Tarma Installer
[!] Pasta Deletada : C:\ProgramData\Trymedia
[!] Pasta Deletada : C:\ProgramData\VisualBee
[!] Pasta Deletada : C:\ProgramData\WeCareReminder
[!] Pasta Deletada : C:\ProgramData\WinFilter
[!] Pasta Deletada : C:\ProgramData\COupExteonsion
[!] Pasta Deletada : C:\ProgramData\RRemoveTheADApp
[!] Pasta Deletada : C:\ProgramData\SearchNewTab
[!] Pasta Deletada : C:\ProgramData\ssurf and  keuep
[!] Pasta Deletada : C:\ProgramData\surf and keEp
[!] Pasta Deletada : C:\ProgramData\surf and kuEEp
[!] Pasta Deletada : C:\ProgramData\YoutubeAdblocker
[!] Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalMediaPlayer
[!] Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[!] Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
[!] Pasta Deletada : C:\Program Files (x86)\Conduit
[!] Pasta Deletada : C:\Program Files (x86)\DefaultTab
[!] Pasta Deletada : C:\Program Files (x86)\Expat Shield
[!] Pasta Deletada : C:\Program Files (x86)\Fast Free Converter
[!] Pasta Deletada : C:\Program Files (x86)\File Type Helper
[!] Pasta Deletada : C:\Program Files (x86)\FinalMediaPlayer
[!] Pasta Deletada : C:\Program Files (x86)\Free Ride Games
[!] Pasta Deletada : C:\Program Files (x86)\orbitdownloader
[!] Pasta Deletada : C:\Program Files (x86)\RelevantKnowledge
[!] Pasta Deletada : C:\Program Files (x86)\Savings Sidekick
[!] Pasta Deletada : C:\Program Files (x86)\SweetIM
[!] Pasta Deletada : C:\Program Files (x86)\Wajam
[!] Pasta Deletada : C:\Program Files (x86)\WebSearch
[!] Pasta Deletada : C:\Program Files (x86)\Yontoo
[!] Pasta Deletada : C:\Program Files (x86)\SearchNewTab
[!] Pasta Deletada : C:\Program Files (x86)\ssurf and  keuep
[!] Pasta Deletada : C:\Program Files (x86)\surf and keEp
[!] Pasta Deletada : C:\Program Files (x86)\surf and kuEEp
[!] Pasta Deletada : C:\Program Files (x86)\YoutubeAdblocker
[!] Pasta Deletada : C:\Windows\SysWOW64\ARFC
[!] Pasta Deletada : C:\Windows\SysWOW64\jmdp
[!] Pasta Deletada : C:\Windows\SysWOW64\WNLT
[!] Pasta Deletada : C:\Program Files\003
[!] Pasta Deletada : C:\Program Files\SupraSavings
[!] Pasta Deletada : C:\Program Files\Updater By SweetPacks
[!] Pasta Deletada : C:\Windows\System32\ljkb
[!] Pasta Deletada : C:\Users\Public\Documents\baidu
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Conduit
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\DefineExt
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\FilesFrog Update Checker
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\FinalMediaPlayer
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\lollipop
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Savings Sidekick
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\TidyNetwork.com
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\VisualBeeClient
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\VisualBeeExe
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Wajam
[!] Pasta Deletada : C:\Users\User 1\AppData\LocalLow\Claro LTD
[!] Pasta Deletada : C:\Users\User 1\AppData\LocalLow\Conduit
[!] Pasta Deletada : C:\Users\User 1\AppData\LocalLow\Fast Free Converter
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\337
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Babylon
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\baidu
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\DefaultTab
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\FinalMediaPlayer
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Optimizer Pro
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\strongvault
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Yontoo
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[!] Pasta Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\Smartbar
[!] Pasta Deletada : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifoelmjeleeegmjmiibgpkecmccnnoa
[!] Pasta Deletada : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\System32\dmwu.exe
Arquivo Deletada : C:\Windows\System32\ImhxxpComm.dll
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\User 1\AppData\Local\funmoods.crx
Arquivo Deletada : C:\Users\User 1\AppData\Local\funmoods-speeddial_sf.crx
Arquivo Deletada : C:\Users\User 1\AppData\LocalLow\SkwConfig.bin
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\invalidprefs.js
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\Askcom.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\Babylon.xml
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\funmoods.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\mixidj.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\MyStart Search.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\MyStart.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\search.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\SweetIm.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\Sweetpacks Search.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\WebSearch.xml
Arquivo Deletada : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\user.js
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\System32\Tasks\VisualBeeRecovery

***** [ Atalhos ] *****


***** [ Registro ] *****

Valor Deletedo : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Valor Deletedo : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lesstabs@lesstabs.com]
Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Download by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Grab video by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Do&wnload selected by Orbit
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Down&load all by Orbit
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Chave Deletedo : HKLM\SOFTWARE\Classes\and
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Chave Deletedo : HKLM\SOFTWARE\Classes\b
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Chave Deletedo : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Chave Deletedo : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Chave Deletedo : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Chave Deletedo : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Chave Deletedo : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Chave Deletedo : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Chave Deletedo : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Chave Deletedo : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget
Chave Deletedo : HKLM\SOFTWARE\Classes\HssIE.HssIEApp
Chave Deletedo : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
Chave Deletedo : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Chave Deletedo : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Classes\S
Chave Deletedo : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab
Chave Deletedo : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\speedupmypc
Chave Deletedo : HKLM\SOFTWARE\Classes\surf
Chave Deletedo : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Chave Deletedo : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Chave Deletedo : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Chave Deletedo : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Chave Deletedo : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Chave Deletedo : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Deletedo : HKLM\SOFTWARE\Classes\RemoveeTTheAdApp.RemoveeTTheAdApp
Chave Deletedo : HKLM\SOFTWARE\Classes\RemoveeTTheAdApp.RemoveeTTheAdApp.3.5
Chave Deletedo : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker
Chave Deletedo : HKLM\SOFTWARE\Classes\YoutubeAdblocker.YoutubeAdblocker.1.0
Chave Deletedo : HKLM\SOFTWARE\Classes\CCoupExtensiono.CCoupExtensiono
Chave Deletedo : HKLM\SOFTWARE\Classes\CCoupExtensiono.CCoupExtensiono.1.3
Chave Deletedo : HKCU\Software\a53d88fb53ced42
Chave Deletedo : HKLM\SOFTWARE\a53d88fb53ced42
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-161304646
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{3e661da}
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2851643
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT3184310
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT3223702
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_dj-mixer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_dj-mixer_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_euro-truck-simulator_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_euro-truck-simulator_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_european-bus-simulator (1)_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_european-bus-simulator (1)_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_european-bus-simulator_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_european-bus-simulator_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_flightgear_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_flightgear_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_kaspersky-virus-removal-tool_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_kaspersky-virus-removal-tool_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_responding-heads_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_responding-heads_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_scania-truck-driving-simulator_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_scania-truck-driving-simulator_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_sonic-fan-remix_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_sonic-fan-remix_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_trucks-and-trailers_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_trucks-and-trailers_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3F1D494B-0CEF-4468-96C9-386E2E4DEC90}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7854F00C-DC77-477E-A10E-603F48442D3B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{18E62C02-0849-44B7-9616-3B2EA01E9E05}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A0880527-DC28-4EBB-BA27-D22102F22A9F}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{BCDDE143-FAE3-4C57-B22B-C4E8678CFDC0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{F5A29F21-B121-48A0-A317-737AF8BB106A}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18E62C02-0849-44B7-9616-3B2EA01E9E05}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F5580E24-8416-4DFD-90B3-078D4EDF4FCB}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18E62C02-0849-44B7-9616-3B2EA01E9E05}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C1E5833-4F98-46A3-BEF0-4071B802C18A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{997746D6-BD9E-4D1F-B0D7-B54CF27E3287}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{18E62C02-0849-44B7-9616-3B2EA01E9E05}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{18E62C02-0849-44B7-9616-3B2EA01E9E05}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{18E62C02-0849-44B7-9616-3B2EA01E9E05}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{5005715A-6633-E7CD-47E1-38D05CB470FC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{B97022D3-C6F7-E6ED-2385-3F90A46702B0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{D547F6CD-92C5-1C7D-A576-AC46174A8F40}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{D92092F4-CF9E-453E-EB7B-8C67C16422AA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE}
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Orbitdownloader\orbitdm.exe]
Valor Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\Orbitdownloader\orbitnet.exe]
Valor Deletedo : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO) Part2

Mensagem por speed2050 Ter 03 Jun 2014, 17:20

chave Deletedo : HKCU\Software\BabSolution
Chave Deletedo : HKCU\Software\BabylonToolbar
Chave Deletedo : HKCU\Software\BI
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\Cr_Installer
Chave Deletedo : HKCU\Software\DataMngr
[#] Chave Deletedo : HKCU\Software\DataMngr_Toolbar
Chave Deletedo : HKCU\Software\Default Tab
Chave Deletedo : HKCU\Software\DefaultTab
Chave Deletedo : HKCU\Software\Delta
Chave Deletedo : HKCU\Software\IM
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\ImInstaller
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\installedbrowserextensions
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Optimizer Pro
Chave Deletedo : HKCU\Software\Orbit
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\Somoto
Chave Deletedo : HKCU\Software\visualbee
Chave Deletedo : HKCU\Software\Wajam
Chave Deletedo : HKCU\Software\wecarereminder
Chave Deletedo : HKCU\Software\WNLT
Chave Deletedo : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKCU\Software\AppDataLow\Software
Chave Deletedo : HKCU\Software\AppDataLow\SProtector
Chave Deletedo : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Chave Deletedo : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\Software\Babylon
Chave Deletedo : HKLM\Software\BabylonToolbar
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\Default Tab
Chave Deletedo : HKLM\Software\DefaultTab
Chave Deletedo : HKLM\Software\Delta
Chave Deletedo : HKLM\Software\Fast Free Converter
Chave Deletedo : HKLM\Software\Freeze.com
Chave Deletedo : HKLM\Software\hdcode
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\InfoAtoms
Chave Deletedo : HKLM\Software\Orbit
Chave Deletedo : HKLM\Software\SP Global
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\Trymedia Systems
Chave Deletedo : HKLM\Software\Uniblue
Chave Deletedo : HKLM\Software\Updater By Sweetpacks
Chave Deletedo : HKLM\Software\visualbee
Chave Deletedo : HKLM\Software\Wajam
Chave Deletedo : HKLM\Software\Funloadia_Entertainment
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fast Free Converter
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Chave Deletedo : [x64] HKLM\SOFTWARE\suprasavings
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
Chave Deletedo : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Chave Deletedo : [x64] HKLM\SOFTWARE\WNLT
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\winfil~1\winfil~1.dll
Dados Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\assist~1.dll
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\WINFIL~1\WINFIL~2.DLL
Dados Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\ASSIST~2.DLL
Chave Deletedo : HKLM\Software\Classes\Installer\Features\B01F3F08771A494439EC8990D0180939
Chave Deletedo : HKLM\Software\Classes\Installer\Products\B01F3F08771A494439EC8990D0180939

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7600.16385

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]

-\\ Mozilla Firefox v12.0 (pt-BR)

[ Arquivo : C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js ]

Linha deletada : user_pref("CT3223702.1000082.isPlayDisplay", "true");
Linha deletada : user_pref("CT3223702.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Linha deletada : user_pref("CT3223702.1000234.TWC_TMP_city", "CURITIBA");
Linha deletada : user_pref("CT3223702.1000234.TWC_TMP_country", "BR");
Linha deletada : user_pref("CT3223702.1000234.TWC_country", "BRAZIL");
Linha deletada : user_pref("CT3223702.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.FirstTime", "true");
Linha deletada : user_pref("CT3223702.FirstTimeFF3", "true");
Linha deletada : user_pref("CT3223702.PG_ENABLE", "dHJ1ZQ==");
Linha deletada : user_pref("CT3223702.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Linha deletada : user_pref("CT3223702.SF_STATUS.enc", "RU5BQkxFRA==");
Linha deletada : user_pref("CT3223702.SF_USER_ID.enc", "Y2lkXzI1MTAyMDEzMDU0MTg2MjM3NTkx");
Linha deletada : user_pref("CT3223702.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3223702&SearchSource=2&CUI=UN36851977571396854&UM=2&q=");
Linha deletada : user_pref("CT3223702.TopHitsConfig.enc", "ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL2NhcDEuY29uZHVpdC1hcHBzLmNvbS9BcHBzL1RvcEhpdHNHZW5lcmljQXBwL2NvbmZpZ3MvVVMtVUstRGFuY2UtUm9jay1SYXAvc3ByaXRlLnBuZyIsDQogIC[...]
Linha deletada : user_pref("CT3223702.UserID", "UN36851977571396854");
Linha deletada : user_pref("CT3223702.addressBarTakeOverEnabledInHidden", "true");
Linha deletada : user_pref("CT3223702.cbfirsttime.enc", "RnJpIE9jdCAyNSAyMDEzIDAwOjU0OjMyIEdNVC0wMjAw");
Linha deletada : user_pref("CT3223702.countryCode", "BR");
Linha deletada : user_pref("CT3223702.embeddedsData", "[{\"appId\":\"10000002\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":[...]
Linha deletada : user_pref("CT3223702.firstTimeDialogOpened", "true");
Linha deletada : user_pref("CT3223702.fixPageNotFoundErrorByUser", "TRUE");
Linha deletada : user_pref("CT3223702.fixPageNotFoundErrorInHidden", "true");
Linha deletada : user_pref("CT3223702.fixUrls", true);
Linha deletada : user_pref("CT3223702.fullUserID", "UN36851977571396854.IN.2013071222217");
Linha deletada : user_pref("CT3223702.isCheckedStartAsHidden", true);
Linha deletada : user_pref("CT3223702.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.isFirstTimeToolbarLoading", "false");
Linha deletada : user_pref("CT3223702.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Linha deletada : user_pref("CT3223702.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.keyword", true);
Linha deletada : user_pref("CT3223702.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3223702&octid=CT3223702&SearchSource=15&CUI=UN36851977571396854&SSPV=&Lay=1&UM=2\"}");
Linha deletada : user_pref("CT3223702.lastVersion", "10.16.70.505");
Linha deletada : user_pref("CT3223702.mam_gk_appStateReportTime.enc", "MTM4Mjc2NjQ2ODQ4Ng==");
Linha deletada : user_pref("CT3223702.mam_gk_appState_CouponBuddy.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appState_Easytobook.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appState_PriceGong.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appState_WindowShopper.enc", "b24=");
Linha deletada : user_pref("CT3223702.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJ1cmwiOiJodHRwOi8vY29uZDAxLmV0YnhtbC5jb20vY29uZHVpdF9idW5kbGUvd2ViL2NoZWFwLmh0bWwiLCJzY3JpcHRVcmwiOm51bGws[...]
Linha deletada : user_pref("CT3223702.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Linha deletada : user_pref("CT3223702.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIyZDk3NTAwZS0yYzY0LTRjOGUtOGJjOS1hMDBlM2IzZjU0YTIiLCJ[...]
Linha deletada : user_pref("CT3223702.mam_gk_currentVersion.enc", "MS4xMC40LjA=");
Linha deletada : user_pref("CT3223702.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Linha deletada : user_pref("CT3223702.mam_gk_first_time.enc", "MQ==");
Linha deletada : user_pref("CT3223702.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Linha deletada : user_pref("CT3223702.mam_gk_lastLoginTime.enc", "MTM4Mjc2NjQ2OTYzNg==");
Linha deletada : user_pref("CT3223702.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJQb2zDrXRpY2EgZGUgY29udGXDumRvIn0sImdhZGdldERlc2NyaXB0aW9uUHJpbWFyeSI6eyJUZXh0IjoiVmFsdWUgQXBwcyBlbnJpcXVlY2Vt[...]
Linha deletada : user_pref("CT3223702.mam_gk_new_welcome_experience.enc", "MQ==");
Linha deletada : user_pref("CT3223702.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Linha deletada : user_pref("CT3223702.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxMzEwMjYiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6Ijk1XzAiLCJpc1Rlc3QiOnRydWUsIlVzZXJDb3VudHJ5[...]
Linha deletada : user_pref("CT3223702.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Linha deletada : user_pref("CT3223702.mam_gk_userId.enc", "ZWJjNTUwYmEtOTEwMS00ZjA0LWI1OTYtZjMxZDBjMzhhOTU3");
Linha deletada : user_pref("CT3223702.mam_gk_user_approval_interacted.enc", "MQ==");
Linha deletada : user_pref("CT3223702.mam_gk_welcomeDialogMode.enc", "MQ==");
Linha deletada : user_pref("CT3223702.migrateAppsAndComponents", true);
Linha deletada : user_pref("CT3223702.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3223702%26octid%3DCT3223702%26SearchSource%3D15%26CUI%3DUN3[...]
Linha deletada : user_pref("CT3223702.originalHomepage", "hxxp://searchfunmoods.com/?f=1&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyE0C0C0AyCtBtCtDtCtAtN0D0Tzu0CtBzzzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=14734581[...]
Linha deletada : user_pref("CT3223702.originalSearchAddressUrl", "chrome://defaulttab/content/keywordURL.xul?");
Linha deletada : user_pref("CT3223702.originalSearchEngine", "Google");
Linha deletada : user_pref("CT3223702.originalSearchEngineName", "Google");
Linha deletada : user_pref("CT3223702.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\"WEATHER\\\",\\\"BROWSER_COMPONENT\\\"]\"}");
Linha deletada : user_pref("CT3223702.revertSettingsEnabled", "false");
Linha deletada : user_pref("CT3223702.search.searchAppId", "10000002");
Linha deletada : user_pref("CT3223702.search.searchCount", "0");
Linha deletada : user_pref("CT3223702.searchFromAddressBarEnabledByUser", "true");
Linha deletada : user_pref("CT3223702.searchInNewTabEnabledByUser", "true");
Linha deletada : user_pref("CT3223702.searchInNewTabEnabledInHidden", "true");
Linha deletada : user_pref("CT3223702.searchSuggestEnabledByUser", "True");
Linha deletada : user_pref("CT3223702.searchUserMode", "2");
Linha deletada : user_pref("CT3223702.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3223702\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FunloadiaEntertainment.OurToolbar.com//xpi\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Funloadia Entertainment\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Linha deletada : user_pref("CT3223702.serviceLayer_services_setupAPI_lastUpdate", "1382669645873");
Linha deletada : user_pref("CT3223702.settingsINI", true);
Linha deletada : user_pref("CT3223702.showToolbarPermission", "false");
Linha deletada : user_pref("CT3223702.smartbar.CTID", "CT3223702");
Linha deletada : user_pref("CT3223702.smartbar.Uninstall", "0");
Linha deletada : user_pref("CT3223702.smartbar.homepage", true);
Linha deletada : user_pref("CT3223702.smartbar.toolbarName", "Funloadia Entertainment ");
Linha deletada : user_pref("CT3223702.toolbarBornServerTime", "23-7-2013");
Linha deletada : user_pref("CT3223702.toolbarCurrentServerTime", "23-7-2013");
Linha deletada : user_pref("CT3223702.toolbarLoginClientTime", "Fri Oct 25 2013 00:54:06 GMT-0200");
Linha deletada : user_pref("CT3223702_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1382766460364,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Linha deletada : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?UM=2&ctid=CT3223702&SearchSource=13&CUI=UN36851977571396854");
Linha deletada : user_pref("Smartbar.ConduitSearchEngineList", "Funloadia Entertainment Customized Web Search");
Linha deletada : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3223702&SearchSource=2&CUI=UN36851977571396854&UM=2&q=");
Linha deletada : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "chrome://defaulttab/content/keywordURL.xul?");
Linha deletada : user_pref("Smartbar.keywordURLSelectedCTID", "CT3223702");
Linha deletada : user_pref("browser.startup.homepage", "hxxp://websearch.searchisbestmy.info/?pid=924&r=2013/11/18&hid=4703991600518884597&lg=EN&cc=BR&unqvl=41");
Linha deletada : user_pref("extensions.BabylonToolbar.admin", false);
Linha deletada : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Linha deletada : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Linha deletada : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Linha deletada : user_pref("extensions.BabylonToolbar.excTlbr", false);
Linha deletada : user_pref("extensions.BabylonToolbar.id", "ae6f1013000000000000c89cdc4cca62");
Linha deletada : user_pref("extensions.BabylonToolbar.instlDay", "15627");
Linha deletada : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Linha deletada : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Linha deletada : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Linha deletada : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=ae6f1013000000000000c89cdc4cca62&q=");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");
Linha deletada : user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");
Linha deletada : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Linha deletada : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.710:32:03");
Linha deletada : user_pref("extensions.claro.admin", false);
Linha deletada : user_pref("extensions.claro.aflt", "babsst");
Linha deletada : user_pref("extensions.claro.dfltLng", "en");
Linha deletada : user_pref("extensions.claro.excTlbr", false);
Linha deletada : user_pref("extensions.claro.id", "ae6f1013000000000000c89cdc4cca62");
Linha deletada : user_pref("extensions.claro.instlDay", "15625");
Linha deletada : user_pref("extensions.claro.instlRef", "sst");
Linha deletada : user_pref("extensions.claro.prdct", "claro");
Linha deletada : user_pref("extensions.claro.prtnrId", "claro");
Linha deletada : user_pref("extensions.claro.tlbrId", "claro");
Linha deletada : user_pref("extensions.claro.vrsn", "1.6.4.1");
Linha deletada : user_pref("extensions.claro.vrsni", "1.6.4.1");
Linha deletada : user_pref("extensions.claro_i.smplGrp", "none");
Linha deletada : user_pref("extensions.claro_i.vrsnTs", "1.6.4.122:58:57");
Linha deletada : user_pref("extensions.crossrider.bic", "141ed886071f81cb85654fc470e76d07");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationThankYouPage", true);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1350007106);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.searchUserConifrmation", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setHomepage", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setNewTab", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setSearch", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.active", true);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.addressbarenhanced", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n//\n");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.backgroundver", 43);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1350007106");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.value", "%7B%22source_id%22%3A%2245990%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2245990%26subid%3D%26pid%3D1265%22%7D");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1350007106");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_arbitrary_code.expiration", "Sat Oct 26 2013 03:52:44 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_arbitrary_code.value", "%22%28function%28%29%7B_GPL_PLUGIN.st%3D%7B%5C%2274052%26pid%3D1269%5C%22%3A%7Bs%3A%5B%5C%2274052%26pid%3D1695%5C%22%2C[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Sat Oct 26 2013 03:52:44 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22facebook.com%2Cnonexistantdomain.com%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Fri Nov 01 2013 03:52:08 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22BR%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1382766497");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_currenttime.value", "%221381868021%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_delay.value", "24");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure.value", "1382766468");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure_tmp.expiration", "Sat Oct 26 2013 03:57:44 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_disclosure_tmp.value", "1382766464");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list.expiration", "Sat Oct 26 2013 09:47:48 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list.value", "%7B%22f7610cf2b37067876b694a05c56f32e2%22%3A%7B%22p%22%3A%22/%22%7D%2C%22d763717b4b2e0a17a877cc642fb80ee4%22%3A%7B%22p%22%3A%2[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list_temp.expiration", "Sat Oct 26 2013 03:57:48 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_ib_list_temp.value", "1382766468.328");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%2245990%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2245990%26subid%3D%26pid%3D1265%22%7D[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installtime.value", "%221381867954%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2245990%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1382766462622");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221265%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2292373%22");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1382680327750");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.domain", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22F31C3EB389F54FFD8930B218EAE6BD75IE%22%2C%22installer_verifier%22%3A%22fe9b9f13d509d808[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "94");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Sat Oct 26 2013 09:47:40 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.expiration", "Fri Feb 01 2030 00:00:00 GMT-0200");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%22%3Afalse%2C%22Wireshark%22%3Afalse%2C%22VirtualBox%22%3Afalse%2C%22VMWare%22%3Afalse%2C%22InsideVM[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1224,baseCDN:\"savingsside-a.akamaihd.ne[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.exte[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", Cool;
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(b){if(void 0===this||null===this)throw new TypeError;var c=Object[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 16);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(b){console.log(b)},factor:1[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 39);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection();}else{if(document.get[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 5);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigator[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 9);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&type[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 12);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] *\n * Copyright 2010, John [...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 4);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.ex[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 5);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b);}};appAPI.ready=function(c,b){a.when.apply(nul[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 5);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 4);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery v1[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 4);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId:([...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 3);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.code", "(function(){var j=\"__CR_EMPTY_CHANNEL__\";var d=function(e){return(typeof e===\"object\"&&e!==null);};var b=function(e){return(![...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.name", "appApiMessage");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.ver", 3);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var d={WRONG_STRICT_VALUE:\"Parameter %PARAM_NAME% value is not supp[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.name", "appApiValidation");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.ver", 3);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof window.navigator!==\"undefined\"&&typeof window.navigator.userAgent!==\"undefi[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.name", "CrossriderInfo");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_78.ver", 5);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.code", "(function(){var b={DUMMY_PAGE_URL:\"hxxp://page.our-app.net/blank/resource.html\"};var c=\"cr_\"+appAPI.appID+\"internalMessage\"[...]
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.name", "omniCommands");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_98.ver", 3);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/5060/plugins/091/ff/plugins.json");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 70);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.publisher", "Innovative Apps");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Linha deletada : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Linha deletada : user_pref("extensions.crossriderapp5060.5060.ver", 94);
Linha deletada : user_pref("extensions.crossriderapp5060.apps", "5060");
Linha deletada : user_pref("extensions.crossriderapp5060.bic", "141ed886071f81cb85654fc470e76d07");
Linha deletada : user_pref("extensions.crossriderapp5060.cid", 5060);
Linha deletada : user_pref("extensions.crossriderapp5060.firstrun", false);
Linha deletada : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Linha deletada : user_pref("extensions.crossriderapp5060.installationdate", 1382669640);
Linha deletada : user_pref("extensions.crossriderapp5060.lastcheck", 23046108);
Linha deletada : user_pref("extensions.crossriderapp5060.lastcheckitem", 23046109);
Linha deletada : user_pref("extensions.crossriderapp5060.modetype", "production");
Linha deletada : user_pref("extensions.crossriderapp5060.reportInstall", true);
Linha deletada : user_pref("extensions.crossriderapp5060.statsDailyCounter", 2);
Linha deletada : user_pref("extensions.crossriderapp5060@crossrider.com.install-event-fired", true);
Linha deletada : user_pref("extensions.delta.admin", false);
Linha deletada : user_pref("extensions.delta.aflt", "babsst");
Linha deletada : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Linha deletada : user_pref("extensions.delta.autoRvrt", "false");
Linha deletada : user_pref("extensions.delta.dfltLng", "pt");
Linha deletada : user_pref("extensions.delta.excTlbr", false);
Linha deletada : user_pref("extensions.delta.ffxUnstlRst", true);
Linha deletada : user_pref("extensions.delta.id", "ae6f1013000000000000000000000000");
Linha deletada : user_pref("extensions.delta.instlDay", "15925");
Linha deletada : user_pref("extensions.delta.instlRef", "sst");
Linha deletada : user_pref("extensions.delta.newTab", false);
Linha deletada : user_pref("extensions.delta.prdct", "delta");
Linha deletada : user_pref("extensions.delta.prtnrId", "delta");
Linha deletada : user_pref("extensions.delta.rvrt", "false");
Linha deletada : user_pref("extensions.delta.smplGrp", "none");
Linha deletada : user_pref("extensions.delta.tlbrId", "base");
Linha deletada : user_pref("extensions.delta.tlbrSrchUrl", "");
Linha deletada : user_pref("extensions.delta.vrsn", "1.8.22.0");
Linha deletada : user_pref("extensions.delta.vrsnTs", "1.8.22.020:05:06");
Linha deletada : user_pref("extensions.delta.vrsni", "1.8.22.0");
Linha deletada : user_pref("extensions.delta_i.babExt", "");
Linha deletada : user_pref("extensions.delta_i.babTrack", "affID=124046&tt=070813_wc1&tsp=4968");
Linha deletada : user_pref("extensions.delta_i.srcExt", "ss");
Linha deletada : user_pref("extensions.enabledAddons", "ffxtlbr@funmoods.com:1.5.1,testpilot@labs.mozilla.com:1.2.2,crossriderapp5060@crossrider.com:0.91.83,wecarereminder@bryan:4.1.18.1,plugin@yontoo.com:1.20.02,tidy[...]
Linha deletada : user_pref("extensions.ffxtlbr@funmoods.com.install-event-fired", true);
Linha deletada : user_pref("extensions.funmoods.aflt", "pcmega1");
Linha deletada : user_pref("extensions.funmoods.autoRvrt", false);
Linha deletada : user_pref("extensions.funmoods.cntry", "BR");
Linha deletada : user_pref("extensions.funmoods.cv", "cv5");
Linha deletada : user_pref("extensions.funmoods.dfltLng", "");
Linha deletada : user_pref("extensions.funmoods.dfltSrch", true);
Linha deletada : user_pref("extensions.funmoods.dnsErr", true);
Linha deletada : user_pref("extensions.funmoods.envrmnt", "production");
Linha deletada : user_pref("extensions.funmoods.excTlbr", false);
Linha deletada : user_pref("extensions.funmoods.hdrMd5", "336F3FD0AD1FAFB53FD00AE25B25E7BD");
Linha deletada : user_pref("extensions.funmoods.hmpg", true);
Linha deletada : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyE0C0C0AyCtBtCtDtCtAtN0D0Tzu0CtBzzzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=1473458[...]
Linha deletada : user_pref("extensions.funmoods.id", "C89CDC4CCA621013");
Linha deletada : user_pref("extensions.funmoods.instlDay", "15627");
Linha deletada : user_pref("extensions.funmoods.instlRef", "pcmega1");
Linha deletada : user_pref("extensions.funmoods.isdcmntcmplt", true);
Linha deletada : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2216:8:4");
Linha deletada : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Linha deletada : user_pref("extensions.funmoods.newTab", true);
Linha deletada : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyE0C0C0AyCtBtCtDtCtAtN0D0Tzu0CtBzzzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=14734[...]
Linha deletada : user_pref("extensions.funmoods.prdct", "funmoods");
Linha deletada : user_pref("extensions.funmoods.prtnrId", "funmoods");
Linha deletada : user_pref("extensions.funmoods.sg", "none");
Linha deletada : user_pref("extensions.funmoods.smplGrp", "none");
Linha deletada : user_pref("extensions.funmoods.srchPrvdr", "Search");
Linha deletada : user_pref("extensions.funmoods.tlbrId", "base");
Linha deletada : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=pcmega1&chnl=pcmega1&cd=2XzuyEtN2Y1L1Qzu0Czzzy0C0D0CyE0C0C0AyCtBtCtDtCtAtN0D0Tzu0CtBzzzztN1L2XzutBtFtBtFtDtFtAyEyE&cr=147[...]
Linha deletada : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Linha deletada : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2216:8:4");
Linha deletada : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Linha deletada : user_pref("extensions.funmoods_i.newTab", true);
Linha deletada : user_pref("extensions.funmoods_i.smplGrp", "none");
Linha deletada : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2216:8:4");
Linha deletada : user_pref("extensions.wajam.affiliate_id", "5927");
Linha deletada : user_pref("extensions.wajam.firstrun", "false");
Linha deletada : user_pref("extensions.wajam.log_send_info", "false");
Linha deletada : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"update_interval\":1337,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/[...]
Linha deletada : user_pref("extensions.wajam.no_trace", "false");
Linha deletada : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Linha deletada : user_pref("extensions.wajam.trace_log", "1382669638144 - processInstallationUpgrade - version set to : 1.26\n1382669638144 - processBrowserLoad - Bad mappingListJsonString: null\n1382669639785 - onFla[...]
Linha deletada : user_pref("extensions.wajam.unique_id", "D7A0AB3D3B9FF60B9BA9F5E603AE3E12");
Linha deletada : user_pref("extensions.wajam.user_current_mapping_version", "0");
Linha deletada : user_pref("extensions.wajam.version", "1.26");
Linha deletada : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Linha deletada : user_pref("extentions.y2layers.installId", "de1cc5b8-5777-409c-b306-5a2b41947aab");
Linha deletada : user_pref("smartbar.addressBarOwnerCTID", "CT3223702");
Linha deletada : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?UM=2&ctid=CT3223702&SearchSource=13&CUI=UN36851977571396854");
Linha deletada : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3223702&SearchSource=2&CUI=UN36851977571396854&UM=2&q=");
Linha deletada : user_pref("smartbar.defaultSearchOwnerCTID", "CT3223702");
Linha deletada : user_pref("smartbar.homePageOwnerCTID", "CT3223702");

-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Homepage] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : aekjbnlbnhnjhgmpfcdnigifiookfadm
Deletedo [Extension] : bbjciahceamgodcoidkjpchnokgfpphh
Deletedo [Extension] : cjpglkicenollcignonpgiafdgfeehoj
Deletedo [Extension] : ippkomaaonokjnfjoikaemidanojkfmm
Deletedo [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Deletedo [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deletedo [Extension] : mkndcbhcgphcfkkddanakjiepeknbgle
Deletedo [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj

*************************

AdwCleaner[R0].txt - [104448 octets] - [03/06/2014 16:26:07]
AdwCleaner[S0].txt - [98890 octets] - [03/06/2014 16:30:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [98951 octets] ##########
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Ter 03 Jun 2014, 17:26

CE_UmbrellaCert como remove-lo ? 772309  No seu PC está constando também o Baidu, você quer removê-lo ou continuar com ele?
_____________________________________________________________________________________

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 20:18, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)log zoek part1

Mensagem por speed2050 Ter 03 Jun 2014, 20:43

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User 1 on Tue 06/03/2014 at 17:38:07.62.
Microsoft Windows 7 Ultimate  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User 1\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6/3/2014 5:40:02 PM Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0C5F1B8B-3A6B-4168-978C-EF863188C317} deleted successfully
HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8FEF9F4C-2E93-4E75-83A9-1FD6FDA2E123} deleted successfully
HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C47A8E4C-EE2A-47B1-9915-31112280F5E2} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js:
user_pref("browser.startup.homepage" , "http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal");
user_pref("browser.startup.homepage", "http://br.hao123.com/?tn=fa_pro_hp_01_hao123_br");
user_pref("browser.startup.homepage", "http://br.hao123.com/?tn=pcf_inner_protection_01_hao123_br");
user_pref("browser.search.defaultenginename" , "Web");
user_pref("browser.search.selectedEngine" , "Web");
user_pref("keyword.URL" , "http://br.yhs4.search.yahoo.com/yhs/search");

Added to C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js:

ProfilePath: C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20140603_0549_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"bProtectTabs"=-

==== Deleting Files \ Folders ======================

C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\plugin@yontoo.com not found
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\ffxtlbr@funmoods.com not found
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\crossriderapp5060@crossrider.com not found
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\addon@defaulttab.com.xpi not found
C:\PROGRA~3\omdecpgdmhfnenhpgepgooiikcgjffpm deleted
C:\Users\User 1\AppData\LocalLow\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1} deleted
C:\Users\User 1\AppData\LocalLow\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE} deleted
C:\Users\User 1\AppData\LocalLow\{5005715A-6633-E7CD-47E1-38D05CB470FC} deleted
C:\Users\User 1\AppData\LocalLow\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439} deleted
C:\Users\User 1\AppData\LocalLow\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11} deleted
C:\Users\User 1\AppData\LocalLow\{B97022D3-C6F7-E6ED-2385-3F90A46702B0} deleted
C:\Users\User 1\AppData\LocalLow\{CD01958C-255C-B1DF-818B-7E236A915D99} deleted
C:\Users\User 1\AppData\LocalLow\{D547F6CD-92C5-1C7D-A576-AC46174A8F40} deleted
C:\Users\User 1\AppData\LocalLow\{D92092F4-CF9E-453E-EB7B-8C67C16422AA} deleted
C:\Users\User 1\AppData\LocalLow\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{1C4CA929-4CFB-4C37-D9CC-AB433C4C10E1} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{5005715A-6633-E7CD-47E1-38D05CB470FC} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{9C38C1C8-8C0D-C15A-7C78-9141CB5D2439} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{9CEEA65D-26C6-4C81-EE17-93D4BB956F11} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{B97022D3-C6F7-E6ED-2385-3F90A46702B0} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{CD01958C-255C-B1DF-818B-7E236A915D99} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{D547F6CD-92C5-1C7D-A576-AC46174A8F40} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{D92092F4-CF9E-453E-EB7B-8C67C16422AA} deleted
C:\Users\User 1\AppData\Local\Packages\windows_ie_ac_001\AC\{E9A110C2-6ED5-1217-DDB6-0E92FFF05118} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{276D9C09-5EEF-1B3A-048C-9AD1B66617FE} deleted
C:\PROGRA~3\ecfad92dac728ceb deleted
C:\PROGRA~3\DeownSaeve deleted
C:\PROGRA~2\Mozilla Firefox\searchplugins\search_the_web.xml deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\prefs.js deleted
C:\PROGRA~2\Assistant_x64.dll deleted
C:\PROGRA~2\Sk.Enhancer deleted
C:\found.000 deleted
C:\PROGRA~3\DynuEncrypt.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\SummerSoft deleted
C:\Users\User 1\AppData\Local\CRE deleted
C:\Users\User 1\AppData\Local\SevereWeatherAlerts deleted
C:\Users\User 1\AppData\Local\Weather_Notifications,_LL deleted
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted
C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts deleted
C:\Users\User 1\Downloads\SoftonicDownloader_para_kaspersky-virus-removal-tool.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Fast Free Converter deleted
C:\Windows\serviceprofiles\networkservice\AppData\LocalLow\Fast Free Converter deleted
C:\Windows\serviceprofiles\Localservice\AppData\LocalLow\Fast Free Converter deleted
C:\AI_RecycleBin deleted
C:\windows\SysNative\tasks\Baidu PC Faster Service deleted
C:\windows\SysNative\tasks\Baidu PC Faster Update deleted
C:\Windows\tasks\Registry Optimizer_DEFAULT.job deleted
C:\Windows\tasks\Registry Optimizer_UPDATES.job deleted
C:\windows\SysNative\tasks\TidyNetwork Update deleted
C:\user.js deleted
C:\Windows\SysNative\rlls64.dll deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\searchplugins\funloadia-entertainment-customized-web-search.xml deleted
C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\staged deleted
C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\CT3223702 deleted
C:\Users\User 1\Desktop\4K Video Downloader.lnk deleted
C:\Users\User 1\RealPlayer_br.exe deleted
C:\Users\User 1\Setup.exe deleted
C:\Users\User 1\setup_11-0-0-1245-x01_2012_10_31_19_17.exe deleted
C:\Users\User 1\setup_11-0-0-1245-x01_2012_10_31_19_17[1].exe deleted
C:\Users\User 1\Downloads\Queen Of Light 1.0.rar.exe deleted
C:\Users\User 1\Downloads\Clique aqui para baixar.exe deleted
C:\Users\User 1\Downloads\Download.exe deleted
"C:\PROGRA~3\iifoelmjeleeegmjmiibgpkecmccnnoa\iifoelmjeleeegmjmiibgpkecmccnnoa.crx" deleted
"C:\PROGRA~3\iifoelmjeleeegmjmiibgpkecmccnnoa\update.xml" deleted
"C:\PROGRA~3\iifoelmjeleeegmjmiibgpkecmccnnoa" deleted

==== Folders Found ======================

2014-06-03 19:30:27 2014-06-03 19:30:27 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-03-11 02:55:41 2014-03-11 02:55:41 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-06-03 04:13:22 2014-06-03 04:13:22 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr
2014-06-03 04:13:22 2014-06-03 04:13:22 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr
2014-06-03 04:13:22 2014-06-03 04:13:22 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr
2014-06-03 04:13:23 2014-06-03 04:13:23 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr
2014-06-03 04:13:23 2014-06-03 04:13:23 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\BaiduSafe
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\tools\BaiduExtMgr
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduBatteryDoctor
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduDefrag
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr
2014-06-03 04:26:28 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduWifiSharing
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1033\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1046\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1054\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\1057\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\3082\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\I18N\3082\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduBatteryDoctor
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduDefrag
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduExtMgr
2014-06-03 04:17:07 2014-06-03 04:26:28 -------- d-----w- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\update\skin\tools\BaiduWifiSharing
2014-03-11 02:57:36 2014-06-03 04:13:42 -------- d-----w- C:\ProgramData\Baidu Security
2014-06-03 04:13:41 2014-06-03 04:13:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-03-11 02:57:36 2014-06-03 04:13:42 -------- d-----w- C:\Users\All Users\Baidu Security
2014-06-03 04:13:41 2014-06-03 04:13:41 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2014-06-03 04:13:18 2014-06-03 04:13:18 -------- d-----w- C:\Users\Public\Documents\Baidu
2014-03-11 02:55:41 2014-06-03 04:26:30 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2013-09-22 05:27:43 2013-09-22 05:27:43 -------- d-----w- C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\QVFXDYVG\cpro.baidu.com
2013-09-22 05:27:43 2013-09-22 05:27:43 -------- d-----w- C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\QVFXDYVG\macromedia.com\support\flashplayer\sys\#cpro.baidu.com
2014-03-11 02:55:41 2014-03-11 02:55:41 -------- d-----w- C:\Users\User 1\AppData\Roaming\Baidu Security
2014-03-11 02:59:16 2014-03-11 02:59:16 -------- d-----w- C:\Users\User 1\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-03-11 02:59:16 2014-03-11 02:59:16 -------- d-----w- C:\Users\User 1\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-06-03 04:13:41 2014-06-03 04:13:41 -------- d-----w- C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster

==== Files Found ======================


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\BaiduStore.dll ---
Company: Baidu Inc.
File Description: PC Faster Interface Plugin Manager
File Version: 4,0,5,68911
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2012 Baidu, Inc. All rights reserved.
Original Filename:
File type: ----a-w-
File size: 1305792
Created time: 2014-05-13 07:05:50
Modified time: 2014-05-13 07:05:50
MD5: FEF4FC95AF8D9AE4BD494DDB7620CBA8
SHA1: 39AD7BAB1235968CD960E32AC42F5AF7DA9D5EC8


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 135715
Created time: 2014-05-13 12:28:40
Modified time: 2014-05-13 12:28:40
MD5: 7AA9FDAE027F50E2613D27443669D920
SHA1: 961560C84257D08F06E81EA100B66C0A0D35D8BF


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 17718
Created time: 2014-06-03 04:20:08
Modified time: 2014-06-03 04:20:08
MD5: CC449CC21360C91BE988FBB7BBC23E62
SHA1: 3DE0B8F290E6F10EC0836AB162369F9C026E9E96


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1033\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36814
Created time: 2014-06-03 04:20:10
Modified time: 2014-06-03 04:20:10
MD5: 51002A20C9651142B49E83A58442E1F6
SHA1: B00474C7E8DD528A020DBD6D2459083C1F4DB588


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 135626
Created time: 2014-05-13 12:28:42
Modified time: 2014-05-13 12:28:42
MD5: C82B847F69B582B479D57FA89E4F9903
SHA1: B3F26EE0D7A2B18DD1DC9C9FA7C0A8C9417B2A4D


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 18424
Created time: 2014-06-03 04:20:46
Modified time: 2014-06-03 04:20:46
MD5: 1100F09C60EAC3ECB030489F187FD25D
SHA1: 9A25E2B176919337147A2D7767ADD2337218340D


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1046\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 88133
Created time: 2014-06-03 04:20:57
Modified time: 2014-06-03 04:20:57
MD5: E8CE61D8300F7C7D816006D481C14F75
SHA1: B01121641E8239612CD518707D801FDD870AC481


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 221154
Created time: 2014-05-13 12:28:44
Modified time: 2014-05-13 12:28:44
MD5: E4B5B5BA0E1D541519458AE97EB2670C
SHA1: A3FC5D2D88BDB4D0EE4A8AA03BA09F921137520C


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 20232
Created time: 2014-06-03 04:21:27
Modified time: 2014-06-03 04:21:27
MD5: 642BABAF2A3A5B5984314BA10902EB99
SHA1: 2067856B8C0518AB102F157036DCFC55BD86B905


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1054\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36325
Created time: 2014-06-03 04:21:28
Modified time: 2014-06-03 04:21:28
MD5: 1F2287DCCFA2B0D461F92217C9165C85
SHA1: 880DD1B39723E5F93C267067DC3818C43974E268


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 244927
Created time: 2014-05-13 12:28:46
Modified time: 2014-05-13 12:28:46
MD5: 5FDB127F3EE34B433B03295D39A47351
SHA1: 4CDCBE65B121381CDF80053FE2C465FB97029F3B


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 18332
Created time: 2014-06-03 04:21:50
Modified time: 2014-06-03 04:21:50
MD5: 484ABABF535F91607C4B1C88827BF4C6
SHA1: D96A0769491524B7E7FD1F882CA94184241CDC01


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\1057\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 36511
Created time: 2014-06-03 04:21:52
Modified time: 2014-06-03 04:21:52
MD5: D19D16CFA1ACBF369052D10388EFDBD5
SHA1: 489AF1A698E43A2B39B190435EEF7C65070C1F67


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\BaiduSafe\BaiduSafe.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 193467
Created time: 2014-05-13 12:28:48
Modified time: 2014-05-13 12:28:48
MD5: D8AB3CFEAAEAF2C2E9E5D5054DB20F75
SHA1: D168B14A769846C9E1FE9B48B74310054898E7F7


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 15060
Created time: 2014-06-03 04:22:13
Modified time: 2014-06-03 04:22:13
MD5: 926F105F214693CE88603E4B910791F1
SHA1: 5C8F3B582B6B5D8B155A88B2D2FA4745EB6E8C7A


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\I18N\3082\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 59520
Created time: 2014-06-03 04:22:15
Modified time: 2014-06-03 04:22:15
MD5: CC0CF05000171F81D9F1C7A51B710A4E
SHA1: E1CC1B5C2750A7D1D95F013181AD89357F040534


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduBatteryDoctor\BaiduBatteryDoctor.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 33232
Created time: 2014-06-03 04:24:19
Modified time: 2014-06-03 04:24:19
MD5: 288919F520EC53516CEF0D2AB1EBCD0B
SHA1: D116239B74B1680BAFA3CEF5D42F7BA75BB8998E


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduDefrag\BaiduDefrag.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 26897
Created time: 2014-06-03 04:24:19
Modified time: 2014-06-03 04:24:19
MD5: 8379234A80EA834500E7691C4B2B29A5
SHA1: 2F77D86806E57402A3D2CAD3651AE227EEEF4F05


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduExtMgr\BaiduExtMgr.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5553
Created time: 2014-06-03 04:24:20
Modified time: 2014-06-03 04:24:20
MD5: DD06B3E23DC75FC551AB6C42F10C68A1
SHA1: 3440823F8341269849936B7C81F329011230949E


--- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\skin\tools\BaiduWifiSharing\BaiduWifiSharing.bskin ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 221061
Created time: 2014-06-03 04:24:24
Modified time: 2014-06-03 04:24:24
MD5: 9936EE1869F445745848810C566E1665
SHA1: 8B59F5FD14F98470F7D5C91C002D369BCFE24479


--- C:\Users\User 1\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.1.56634.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 4.0.1.56634
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 18602568
Created time: 2014-03-11 02:55:42
Modified time: 2014-03-11 02:55:42
MD5: 91B93AA667CDB985925D3C0085B6C6A7
SHA1: 33A16AA6FF48B131021A0482E47C2DDE8E5472EC


--- C:\Users\User 1\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.5.70512.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 4.0.5.70512
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 20388656
Created time: 2014-06-03 04:11:21
Modified time: 2014-06-03 04:11:21
MD5: C35AD07330E6AA1F8051D9E1C43079D3
SHA1: 89CCD48581CEF28B3FE4AD25C058E7FED0D4BEC5


--- C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1371
Created time: 2014-06-03 04:13:41
Modified time: 2014-06-03 04:13:41
MD5: 09A604A70699558795EC7CBC29E10594
SHA1: 397070B4F4D6CA8E6F0D03BC73ACAA4370EC8887


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu PC Faster Service.vir ---
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)part 2 zoek

Mensagem por speed2050 Ter 03 Jun 2014, 20:43

Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3670
Created time: 2014-06-03 20:50:23
Modified time: 2014-06-03 04:13:39
MD5: 3DE070D8E41356D4827AF0ECE0F8F6AF
SHA1: C563F231599ED2919F2C03885ED2B5255EC5DA7E


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu PC Faster Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3726
Created time: 2014-06-03 20:50:24
Modified time: 2014-06-03 04:13:31
MD5: A0C2FF10B1BD2C5689D987A524BC1AD4
SHA1: 09909199221880E4823020D665B9737C0976D840


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFTray-2014-06-03 06-36-58-0710-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-06-03 06-37-16-0760-[0041].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu PC Faster 4.0.0.0"="\"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe\" -auto -start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayName"="Baidu PC Faster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayIcon"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"UninstallString"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\Uninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu\Hao123-international]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu\Hao123-international\hao123desk]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"="^http\\:\\/\\/www\\.baidu\\.com\\/.*"

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}"="C:\Program Files\Updater By SweetPacks\Firefox" []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"extension@Fast_Free_Converter.com"="C:\Program Files (x86)\Fast Free Converter\FastFreeConverter\extension@Fast_Free_Converter.com" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\USER1~1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\ffxtlbr@funmoods.com
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\crossriderapp5060@crossrider.com
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\wecarereminder@bryan
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\plugin@yontoo.com
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\tidynetwork@tidynetwork
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}
- Undetermined - C:\Program Files (x86)\Fast Free Converter\FastFreeConverter\extension@FastFreeConverter.com
- Undetermined - C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\extensions\{18e62c02-0849-44b7-9616-3b2ea01e9e05}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Define Ext - %AppDir%\extensions\umylsm@sqhjcpzmeselzlp.org
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default
6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller
53EEEBE57114EE669FBED2EF139D1320 - C:\Users\User 1\AppData\Local\Roblox\Versions\version-3789d377c3ab4ee1\NPRobloxProxy.dll - Roblox Launcher Plugin
5D6E3184DE62B6B681F03DA979F15956 - C:\Users\User 1\AppData\Local\Balanced Worlds\BWGameEngine\npWebLauncher.dll - WebLauncher


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05/11/2014 12:33 PM]
mdebcffgnijbblbinknkbefciofebcda - C:\Users\User 1\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]
ngkdgphikkepnnefheniljdgolldgpld - C:\Users\User 1\AppData\Local\CRE\ngkdgphikkepnnefheniljdgolldgpld.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
mdebcffgnijbblbinknkbefciofebcda - C:\Users\User 1\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]
ngkdgphikkepnnefheniljdgolldgpld - C:\Users\User 1\AppData\Local\CRE\ngkdgphikkepnnefheniljdgolldgpld.crx[]

Comodo Drag&Drop Service - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
PrivDog - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Comodo Media Downloader - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Comodo Share Page Service - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Google Wallet - User 1\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
AdBlock - User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
avast Online Security - User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - User 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Funloadia Entertainment - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm
DeownSaeve - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcccjnelakmdekobgnglmfcihkeahik
Savings Sidekick - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
RRemoveTheADApp - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifoelmjeleeegmjmiibgpkecmccnnoa
We-Care.com Reminder - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Wajam - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Google Wallet - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
SweetPacks Chrome Extension - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

==== Chrome Fix ======================

C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchisbestmy.info_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchisbestmy.info_0.localstorage-journal deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_portugues.babylon.com_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_portugues.babylon.com_0.localstorage-journal deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_digimon-masters-online.softonic.com.br_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_digimon-masters-online.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_the-sims-2-create-a-sim.softonic.com.br_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_the-sims-2-create-a-sim.softonic.com.br_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcccjnelakmdekobgnglmfcihkeahik deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cmcccjnelakmdekobgnglmfcihkeahik_0.localstorage deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cmcccjnelakmdekobgnglmfcihkeahik_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekjbnlbnhnjhgmpfcdnigifiookfadm deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifoelmjeleeegmjmiibgpkecmccnnoa deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifoelmjeleeegmjmiibgpkecmccnnoa_0.localstorage deleted successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifoelmjeleeegmjmiibgpkecmccnnoa_0.localstorage-journal deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifoelmjeleeegmjmiibgpkecmccnnoa_0.localstorage deleted successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iifoelmjeleeegmjmiibgpkecmccnnoa_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_protection_01_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_protection_01_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=pcf_inner_protection_01_hao123_br"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\User 1\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User 1\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E37CB5F0-51F5-4395-A808-5FA49E399F83} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E37CB5F0-51F5-4395-A808-5FA49E399F83} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{E37CB5F0-51F5-4395-A808-5FA49E399F83} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\extension@Fast_Free_Converter.com deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\User 1\Desktop\AMPED JAPAO.lnk - C:\CyberStep\GetAmpedX\amped.exe
C:\Users\User 1\Desktop\Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.2\Cheat Engine.exe
C:\Users\User 1\Desktop\Comprar suprimentos - HP Deskjet 1510 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 1510 series\Bin\hpqDTSS.exe
C:\Users\User 1\Desktop\DDTank.lnk - C:\Users\User 1\AppData\Roaming\337\DDTank\gamelogin.exe
C:\Users\User 1\Desktop\Dishonored - Atalho.lnk - C:\Program Files (x86)\Dishonored\Binaries\Win32\Dishonored.exe
C:\Users\User 1\Desktop\fraps - Atalho.lnk - C:\Fraps\fraps.exe
C:\Users\User 1\Desktop\Getamped 2014.lnk - C:\Users\User 1\oni\amped.exe
C:\Users\User 1\Desktop\GetAmped_BR.lnk - C:\CyberStep\GetAmped_BR\amped_launcher.exe
C:\Users\User 1\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User 1\Desktop\Grand Chase.lnk - C:\Levelup Games\Grand Chase\GrandChase.exe
C:\Users\User 1\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
C:\Users\User 1\Desktop\lf2 - Atalho.lnk - C:\Program Files (x86)\LittleFighter\lf2.exe
C:\Users\User 1\Desktop\Oracle VM VirtualBox (2).lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe
C:\Users\User 1\Desktop\Play PES 2014.lnk - C:\Games\Pro Evolution Soccer 2014\pes2014.exe
C:\Users\User 1\Desktop\PointBlank.lnk - C:\ongame\Pointblank\PBLauncher.exe
C:\Users\User 1\Desktop\vegas110 - Atalho.lnk - C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
C:\Users\User 1\Desktop\wmplayer - Atalho.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\User 1\Desktop\zsnesw - Atalho.lnk - C:\Users\User 1\Desktop\zsnesw151\zsnesw.exe
C:\Users\User 1\Desktop\mineraft com potter\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\User 1\Desktop\mineraft com potter\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
C:\Users\User 1\Desktop\zsnesw151\zsnesw - Atalho.lnk - C:\Users\User 1\Desktop\zsnesw151\zsnesw.exe
C:\Users\User 1\Desktop\ \3dSonicVoleyball.lnk -  
C:\Users\User 1\Desktop\ \Adobe Reader X (2).lnk -  
C:\Users\User 1\Desktop\ \Adobe Reader X.lnk -  
C:\Users\User 1\Desktop\ \avast Free Antivirus (2).lnk -  
C:\Users\User 1\Desktop\ \avast Free Antivirus.lnk -  
C:\Users\User 1\Desktop\ \Computador - Atalho.lnk -  
C:\Users\User 1\Desktop\ \ELSWORD.lnk -  
C:\Users\User 1\Desktop\ \Fraps_v3.5.9_Full(Registrado)[NFSU2_Blog] - Atalho (2).lnk -  
C:\Users\User 1\Desktop\ \Fraps_v3.5.9_Full(Registrado)[NFSU2_Blog] - Atalho.lnk -  
C:\Users\User 1\Desktop\ \Oracle VM VirtualBox.lnk -  
C:\Users\User 1\Desktop\ \Windows Live Messenger.lnk -  
C:\Users\User 1\Desktop\ \Dyego\DETRAN-PE - Prova Eletrônica (2).lnk -  
C:\Users\User 1\Desktop\ \Dyego\DETRAN-PE - Prova Eletrônica.lnk -  
C:\Users\User 1\Desktop\ \Dyego\Sony PC Companion 2.1.lnk -  
C:\Users\User 1\Desktop\ \Sonic deluxe\Play 3DSexVilla2.lnk -  

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
C:\Users\Public\Desktop\Bá V??ng Online.lnk -  
C:\Users\Public\Desktop\Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Users\Public\Desktop\Counter-Strike 1.6.lnk - C:\Program Files (x86)\Counter-Strike 1.6\cstrike.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Users\User 1\Daemon tools lite\DTLite.exe
C:\Users\Public\Desktop\GetAmped2_BR.lnk - C:\CyberStep\GetAmped2_BRSC\ga2.exe
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Public\Desktop\MorphVOX Junior.lnk - C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphVOXJr.exe
C:\Users\Public\Desktop\Opera.lnk - C:\Program Files (x86)\Opera\opera.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Tintii.lnk - C:\Program Files\indii.org\tintii\tintii.exe

==== shortcuts in Users Start Menu ======================

C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Baidu PC Faster.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe -startmenu
C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Uninstall.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 1510 series.lnk - C:\Windows\system32\RunDll32.exe "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=BR3AI1H14105XJ;CONNECTION=USB;MONITOR=1;

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download\4K Video Downloader.lnk - C:\Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Dragon\Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\Dragon\Uninstall Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberStep, Inc\GetAmped2_BR\GetAmped2_BR.lnk - C:\CyberStep\GetAmped2_BRSC\ga2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberStep, Inc\GetAmped2_US\GetAmped2_US.lnk - C:\CyberStep\GetAmped2_US\ga2.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee\MorphVOX Junior\MorphVOX Junior.lnk - C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphVOXJr.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee\MorphVOX Junior\Uninstall MorphVOX Junior.lnk - C:\Windows\SysWOW64\msiexec.exe /x{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Acelerador de Downloads.lnk - C:\Program Files (x86)\Acelerador de Downloads\registro1.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CyberGhost VPN.lnk - C:\Program Files\CyberGhost VPN\CyberGhost.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk - C:\Program Files (x86)\FinalMediaPlayer\FinalMediaPlayer.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Mp3 Wma Converter.lnk - C:\Program Files (x86)\Free mp3 Wma Converter\FreeConverter\FreeConverter.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MapleStory.lnk - C:\Program Files (x86)\NEXON\Europe MapleStory\MapleStory.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Opera.lnk - C:\Program Files (x86)\Opera\opera.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\wmplayer - Atalho.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Comodo Dragon.lnk - C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GetAmped_BR.lnk - C:\CyberStep\GetAmped_BR\amped_launcher.exe
C:\Users\User 1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:49378;https=127.0.0.1:49378;"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\69f564b8-cdd4-4368-a860-1220161556ce deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\f463c52a-da74-416d-b21b-60ba1bf045a5 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9CEE579E-4EB0-5F9D-C5E2-BF828B360B2F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A21F2418-68FB-28F4-5CAA-6F75D679B9F8} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC40A3C4-CB37-CE38-39CA-9C4CFBCA73A4} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ngkdgphikkepnnefheniljdgolldgpld deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ngkdgphikkepnnefheniljdgolldgpld deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0E2E068B-E266-EAA6-DED1-C74744249D22} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AF992111-52BE-832B-5882-8477E4A3C99A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\VisualBee for Microsoft PowerPoint deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Deskmedia deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtectAll deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\User 1\AppData\Local\Mozilla\Firefox\Profiles\7wjtq2xo.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User 1\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1728 folders=408 381281714 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User 1\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\USER1~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\User 1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on Tue 06/03/2014 at 18:10:02.26 ======================
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Ter 03 Jun 2014, 23:26

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 20:19, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO) ..

Mensagem por speed2050 Qua 04 Jun 2014, 17:05

Bom power max , A mensagem do virus so aparece agora quando ligo o pc mas em compensação
minha internet está caindo muito e outra não reconecta quando cai , dai chamei o tecnico da minha internet
e ele falou que só formatando porem si eu seguir esses passos denovo que vc me deu agora significa que minha net vai cair denovo ?
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Qua 04 Jun 2014, 17:12

Ainda não terminamos a limpeza. Siga a dica que te passei na resposta acima e poste o relatório do Zoek.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)Estou..

Mensagem por speed2050 Qua 04 Jun 2014, 17:44

Estou procurando um jeito mais facil de colocar em anexo os logs ...
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Qua 04 Jun 2014, 17:45

este tutorial abaixo mostra como anexar:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)nossa

Mensagem por speed2050 Qua 04 Jun 2014, 18:06

Estou com problemas  pra anexar vai demorar um pouco , o sistema de anexo está dizendo que o espaço total de armazenamento foi ultrapassado . (espaço restante : 2kb) .
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Qua 04 Jun 2014, 18:07

Pode dividir o relatório em partes e depois postar as partes aqui no seu tópico.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)aqui

Mensagem por speed2050 Qua 04 Jun 2014, 18:21

bom o metodo mais facil que eu achei de anexa-los foi postando eles num arquivo completo no 4shared
link : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Qua 04 Jun 2014, 19:15

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 19:46, editado 2 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)aqui

Mensagem por speed2050 Qua 04 Jun 2014, 19:40

O aviso começou a aparecer novamente porque eu reativei a conexão de internet (claro) paresse que o zoek
desativa a conexão com as configurações mas vamos aos logs :

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User 1 on Wed 06/04/2014 at 19:28:17.15.
Microsoft Windows 7 Ultimate  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User 1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-03-211002.log 62711 bytes
C:\zoek-results2014-06-04-202117.log 244238 bytes

==== System Restore Info ======================

6/4/2014 7:30:00 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFasterSvc_{PCFaster_4.0.0.0} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu PC Faster 4.0.0.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\services\PCFasterSvc_{PCFaster_4.0.0.0}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFasterSvc_{PCFaster_4.0.0.0}]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\CleanRecord]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\TrayIcon]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu Security not found
C:\ProgramData\Baidu Security not found
C:\Users\All Users\Baidu Security not found
C:\Users\User 1\AppData\Roaming\Baidu Security deleted

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2531 folders=856 553561217 bytes)

==== EOF on Wed 06/04/2014 at 19:32:20.75 ======================
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Qua 04 Jun 2014, 19:46

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 20:19, editado 1 vez(es)
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)logs

Mensagem por speed2050 Qua 04 Jun 2014, 20:15

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by User 1 on Wed 06/04/2014 at 20:04:49.16.
Microsoft Windows 7 Ultimate  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User 1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-03-211002.log 62711 bytes
C:\zoek-results2014-06-04-202117.log 244238 bytes
C:\zoek-results2014-06-04-223220.log 6304 bytes

==== System Restore Info ======================

6/4/2014 8:05:41 PM Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet012\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2531 folders=856 553561217 bytes)

==== EOF on Wed 06/04/2014 at 20:06:37.09 ======================
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Qua 04 Jun 2014, 20:17

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)junk ware tools logs

Mensagem por speed2050 Qua 04 Jun 2014, 20:39

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by User 1 on Wed 06/04/2014 at 20:26:19.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3871448519-1215792208-1213526283-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dropdowndeals_132013-14EC_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dropdowndeals_132013-14EC_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dropdowndeals_132013-14EC_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dropdowndeals_132013-14EC_RASMANCS



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\User 1\AppData\Roaming\mozilla\firefox\profiles\7wjtq2xo.default\minidumps [35 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 06/04/2014 at 20:32:40.94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Power Max Qua 04 Jun 2014, 20:41

Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO)'-' part 1

Mensagem por speed2050 Qua 04 Jun 2014, 20:58

tem algumas coisas improprias ai mas ignorem rçrçrç  :

~ Relatório do ZHPDiag v2014.5.30.78 - Nicolas Coolman  (5/30/2014)
~ Iniciado por User 1 (6/4/2014 8:48:37 PM)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~  Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 12.0
GCIE: Google Chrome v35.0.1916.114
OPIE: Opera v12.17

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit  (Build 7600)
Windows Server License Manager Script : OK

---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v3.2.3.28705  =>P2P.µTorrent

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 21

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4002.9 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 308 GB (66%) free of 466 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USER1-PC
~ User Name: User 1
~ All Users Names: User 1, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User 1\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User 1\AppData\Roaming\
~ %Desktop% : C:\Users\User 1\Desktop\
~ %Favorites% : C:\Users\User 1\Favorites\
~ %LocalAppData% : C:\Users\User 1\AppData\Local\
~ %StartMenu% : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 308 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn AMs



---\\ Pesquisa particular de ficheiros genéricos
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Windows Explorer.) (.7/13/2009 - 10:39:10 PM.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.7/13/2009 - 10:39:52 PM.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Internet Extensions para Win32.) (.7/13/2009 - 10:41:56 PM.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.7/13/2009 - 10:39:52 PM.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.7/13/2009 - 10:41:54 PM.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.7/13/2009 - 8:21:42 PM.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/13/2009 - 10:52:21 PM.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/13/2009 - 8:19:47 PM.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.7/13/2009 - 8:19:54 PM.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.7/13/2009 - 8:23:44 PM.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.7/13/2009 - 9:06:13 PM.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.7/13/2009 - 8:19:57 PM.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.7/13/2009 - 9:10:03 PM.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.7/13/2009 - 8:24:00 PM.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.7/13/2009 - 8:21:29 PM.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.7/13/2009 - 10:48:27 PM.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.7/13/2009 - 9:00:41 PM.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.7/13/2009 - 9:10:12 PM.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.7/13/2009 - 9:18:02 PM.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.7/13/2009 - 9:09:09 PM.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.7/13/2009 - 8:21:15 PM.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.7/13/2009 - 10:45:55 PM.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes:  Scanned in 00mn AMs



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/15
~ Mes Videos (My Videos) : 1/65
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 2/253
~ Mon Bureau (My Desktop) : 3/4694
~ Menu demarrer (Programs) : 1/65
~ Hidden Files:  Scanned in 01mn AMs



---\\ Processos lançados
[MD5.CC78200C3ECFFA178E78308A0E160D80] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\User 1\AppData\Local\Akamai\netsession_win.exe   [4672920] [PID.2196]
[MD5.2F0DEB0C6413D9DEABFD95A950A422CD] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe   [3814736] [PID.3060]
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.3916]
[MD5.92BC91BEB19BE1F03DB9664AD47120B2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe   [3888648] [PID.3924]
[MD5.EF175F7E495F0EEF516BE76A3F3D3011] - (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe   [1261248] [PID.4488]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8020480] [PID.4516]
~ Processes Running:  Scanned in 00mn AMs



---\\ Opera, Plugins,Arranque,Pesquisa (P1,B0,B1)
B0 - SPO: operaprefs.ini [User 1] Home URL=http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
~ Opera Browser: 1 Legitimates Filtered in 00mn AMs



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn AMs



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-br.xml
P2 - FPN: [HKCU] [BalancedWorlds.com/WebLauncher] - (.BalancedWorlds - web plugin used to launch client.) -- C:\Users\User 1\AppData\Local\Balanced Worlds\BWGameEngine\npWebLauncher.dll
~ Firefox Browser: 10 Legitimates Filtered in 00mn AMs



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>  =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:51715;https=127.0.0.1:51715;   =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn AMs



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn AMs



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn AMs
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) --  (.not file.)
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
~ Toolbar:  Scanned in 00mn AMs



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [User 1]: µTorrent.lnk . (...)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.)  =>P2P.µTorrent
O4 - GS\Desktop [User 1]: DDTank.lnk . (...)  -- C:\Users\User 1\AppData\Roaming\337\DDTank\gamelogin.exe (.not file.)  =>Hijacker.22Find
~ Global Startup: 2 Legitimates Filtered in 01mn AMs



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (.not file.)
O4 - HKCU\..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (.not file.)
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Users\User 1\Daemon tools lite\DTLite.exe   =>.DT Soft Ltd
O4 - HKCU\..\Run: [PSwitch] C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe (.not file.)
O4 - HKCU\..\Run: [VeodinKeyRocket] C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veodin\KeyRocket.appref-ms (.not file.)
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\User 1\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [ContentExplorer] . (.ContentExplorer - ContentExplorer.) -- C:\Users\User 1\AppData\Roaming\ContentExplorer\ContentExplorer.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKUS\.DEFAULT\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (.not file.)
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (.not file.)
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Users\User 1\Daemon tools lite\DTLite.exe   =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [PSwitch] C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe (.not file.)
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [VeodinKeyRocket] C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veodin\KeyRocket.appref-ms (.not file.)
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\User 1\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [ContentExplorer] . (.ContentExplorer - ContentExplorer.) -- C:\Users\User 1\AppData\Roaming\ContentExplorer\ContentExplorer.exe
~ Application:  Scanned in 00mn AMs



---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons:  Scanned in 00mn AMs



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] http.aeriagames.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance:  Scanned in 00mn AMs



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D3C7E4D-846B-4760-938D-6A838DB7FEAE}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{5DBC025C-8AA2-4D58-83AF-99737ADFB624}: NameServer = 10.17.92.253 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{63589A80-2960-4539-9986-BC1B314358B4}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{63589A80-2960-4539-9986-BC1B314358B4}: DhcpNameServer = 172.31.1.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.31.1.1 8.8.8.8 8.8.4.4
~ Domain:  Scanned in 00mn AMs



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn AMs



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn AMs



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: WinFilter (03e661da) . (...) - c:\progra~3\winfil~1\WinFilterSvc.dll (.not file.)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) . (...) - C:\Windows\System32\viakaraokesrv.exe (.not file.)
~ Services: 12 Legitimates Filtered in 03mn AMs



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [Baidu PC Faster Service] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Baidu PC Faster Update] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\Updater.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [Registry Optimizer] (...) -- C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{54A1D7F2-178E-4BF0-8CCC-6D5692CD7135}] (...) -- C:\Users\User 1\Desktop\Rodrigo\Jogos\Cleo snow\SnowFX V1.01\SnowFX-Setup-v101.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D7CB7C34-C82C-4E01-84DC-C7BD1FC12609}] (...) -- C:\Users\User 1\Downloads\PedalToTheMetalSetup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{E295344F-AB0A-4B74-806B-1C89D6B7B80B}] (...) -- C:\Users\User 1\Desktop\Rodrigo\Bus Driver\Bus Driver\busdriver_setup.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [902]
O39 - APT:  - (..) -- C:\Windows\Tasks\Final Media Player Update Checker.job   [412]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Final Media Player Update Checker   [412]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1064]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1068]
~ Scheduled Task: 22 Legitimates Filtered in 03mn AMs



---\\ Software instalados (042)
O42 - Logiciel: 3DSexVilla2 - (.ThriXXX.) [HKCU][64Bits] -- 3DSexVilla2
O42 - Logiciel: Acelerador de Downloads - (.Acelerador de Downloads.) [HKLM][64Bits] -- {33BB1D6F-2708-4B3F-92FC-639B9540F1A1}_is1
O42 - Logiciel: BMICalculator  - (...) [HKLM][64Bits] -- BMICalculator
O42 - Logiciel: Bomberman Online World 4.5 BR versão 4.5.0 - (...) [HKLM][64Bits] -- {8F9B6DF7-24F7-4F40-9F27-B76F8F2D1BEA}_is1
O42 - Logiciel: Bá Vương Online - (.PlayPark.vn.) [HKLM][64Bits] -- {45CCF4CB-EB83-4CE9-9D57-4D95C94A45C9}_is1
O42 - Logiciel: ContentExplorer - (.ContentExplorer.net.) [HKLM][64Bits] -- ContentExplorer
O42 - Logiciel: DETRAN-PE - Prova Eletrônica 4.1 - (.DETRAN-PE.) [HKLM][64Bits] -- {D529C0D9-C9D7-4E6E-82F1-66F1A821EAD6}_is1
O42 - Logiciel: DMO Egg Adder version 1.1 - (.Cheater, Inc..) [HKLM][64Bits] -- {69487137-DB13-4CDB-B7B1-5F800A9F19E9}_is1
O42 - Logiciel: Define Ext - (.DefineExt.com.) [HKCU][64Bits] -- Define Ext
O42 - Logiciel: EZ Macros - (...) [HKLM][64Bits] -- EZMacros
O42 - Logiciel: Efficient WMA MP3 Converter version 0.99.9.3 - (...) [HKLM][64Bits] -- Efficient WMA MP3 Converter_is1
O42 - Logiciel: GDMO - (...) [HKLM][64Bits] -- DMO
O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- a54e16f5d00985b6
O42 - Logiciel: Grand Chase - (.KOG.) [HKLM][64Bits] -- GrandChaseInstaller_is1
O42 - Logiciel: Little Fighter - (...) [HKLM][64Bits] -- Little Fighter
O42 - Logiciel: MuAwaY versão 97d+1.0 Custons Completo - (.MuAwaY, Inc..) [HKLM][64Bits] -- {36ABC48E-0DB5-4DA8-A6EE-1F491D2C563C}_is1
O42 - Logiciel: Paint XP version 1.1 - (.MSPAINTXP.COM.) [HKLM][64Bits] -- {2367FAB6-055A-4923-835F-F57F7BBBA363}_is1
O42 - Logiciel: Play Pickle Games Console - (.Play Turtle,LLC.) [HKCU][64Bits] -- PlayPickle
O42 - Logiciel: Responding Heads - (.AdSa Software Development.) [HKLM][64Bits] -- {72273B4F-D703-4F02-BB03-A5D04A30B260}
O42 - Logiciel: Sexy Beach 3 Platinum Pack - (.ILLUSION.) [HKLM][64Bits] -- {BE43FDDD-F003-494F-952A-69731FF82197}
O42 - Logiciel: Super nude patch 3 1.0 - (.Pandora sims.) [HKLM][64Bits] -- Super_nude_patch_II_1.0
O42 - Logiciel: TidyNetwork.com - (.TidyNetwork.com.) [HKCU][64Bits] -- TidyNetwork.com  =>Adware.TidyNetwork
O42 - Logiciel: Tintii - (...) [HKLM][64Bits] -- tintii
O42 - Logiciel: Warmux - (...) [HKLM][64Bits] -- Warmux
O42 - Logiciel: Zone4 Brasil - (...) [HKCU][64Bits] -- Zone4 Brasil
~ Logic: 46 Legitimates Filtered in 01mn AMs
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty (RESOLVIDO) '-' part 2

Mensagem por speed2050 Qua 04 Jun 2014, 20:58

---\\ HKCU & HKLM Software Keys
[HKCU\Software\4kdownload.com]
[HKCU\Software\AI_RecycleBin]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\ContentExplorer]
[HKCU\Software\IncrediMail]
[HKCU\Software\Install]
[HKCU\Software\Misfit Code]
[HKCU\Software\Nimonix]
[HKCU\Software\ONGAME]
[HKCU\Software\Pando Networks]
[HKCU\Software\Pelikan13]
[HKCU\Software\RobloxReg]
[HKCU\Software\StudioQTRobloxReg]
[HKCU\Software\UltraDownloads.com.br]
[HKCU\Software\WrapApp]
[HKCU\Software\indii.org]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Define Ext]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\File Type Helper]
[HKLM\Software\Wow6432Node\ILLUSION]
[HKLM\Software\Wow6432Node\LessTabs]
[HKLM\Software\Wow6432Node\Level Up! Interactive]
[HKLM\Software\Wow6432Node\Level Up!]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\PlayPark]
[HKLM\Software\Wow6432Node\SK.Enhancer]  =>Adware.SurfAndKeep
[HKLM\Software\Wow6432Node\ZUpdater]
[HKLM\Software\Wow6432Node\indii.org]
~ Key Software: 537 Legitimates Filtered in 01mn AMs



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 6/3/2014 - 1:05:02 AM - [] ----D C:\Program Files (x86)\4KDownload
O43 - CFD: 10/14/2012 - 5:52:42 PM - [0] ----D C:\Program Files (x86)\Acelerador de Downloads
O43 - CFD: 1/13/2013 - 11:10:17 PM - [0] ----D C:\Program Files (x86)\BMICalculator
O43 - CFD: 5/23/2013 - 9:21:30 AM - [] ----D C:\Program Files (x86)\DETRAN-PE - Prova Eletrônica
O43 - CFD: 4/6/2014 - 12:45:11 AM - [0] ----D C:\Program Files (x86)\DMO Egg Adder
O43 - CFD: 2/13/2014 - 1:58:33 AM - [] ----D C:\Program Files (x86)\Efficient WMA MP3 Converter
O43 - CFD: 4/24/2014 - 1:15:46 AM - [] ----D C:\Program Files (x86)\FarCry 3
O43 - CFD: 2/2/2014 - 9:02:17 PM - [] ----D C:\Program Files (x86)\ONGAME
O43 - CFD: 4/2/2014 - 1:02:32 AM - [] ----D C:\Program Files (x86)\Paint XP
O43 - CFD: 7/19/2013 - 2:19:59 PM - [0] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 10/24/2013 - 10:57:05 PM - [] ----D C:\Program Files (x86)\PlayPark
O43 - CFD: 10/22/2013 - 1:23:41 PM - [] ----D C:\Program Files (x86)\Silent Hill Homecoming
O43 - CFD: 1/24/2014 - 6:06:42 PM - [0] ----D C:\Program Files (x86)\Speed Gear
O43 - CFD: 12/26/2012 - 11:56:34 PM - [] ----D C:\Program Files (x86)\Warmux
O43 - CFD: 1/13/2013 - 11:06:30 PM - [] ----D C:\Program Files (x86)\WrapApp
O43 - CFD: 10/12/2012 - 10:22:30 AM - [] ----D C:\ProgramData\levelup downloader
O43 - CFD: 8/6/2013 - 10:28:37 PM - [] ----D C:\Users\User 1\AppData\Roaming\BoneTown
O43 - CFD: 6/3/2014 - 1:11:45 AM - [] ----D C:\Users\User 1\AppData\Roaming\ContentExplorer
O43 - CFD: 6/3/2014 - 1:07:17 AM - [] ----D C:\Users\User 1\AppData\Local\4kdownload.com
O43 - CFD: 10/12/2012 - 2:05:49 AM - [] ----D C:\Users\User 1\AppData\Local\Balanced Worlds
O43 - CFD: 10/12/2012 - 10:22:30 AM - [] ----D C:\Users\User 1\AppData\Local\Level Up!
O43 - CFD: 2/24/2013 - 10:44:53 PM - [] ----D C:\Users\User 1\AppData\Local\Roblox
O43 - CFD: 2/16/2014 - 9:30:07 PM - [] ----D C:\Users\User 1\AppData\Local\Veodin
O43 - CFD: 2/13/2014 - 1:59:01 AM - [] ----D C:\Users\User 1\AppData\Local\WmaMp3-Converter.com
O43 - CFD: 4/2/2013 - 1:21:39 AM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3DSexVilla2
O43 - CFD: 8/5/2013 - 7:44:39 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Define Ext
O43 - CFD: 10/14/2012 - 11:51:30 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up!
O43 - CFD: 11/12/2013 - 9:56:41 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
O43 - CFD: 2/10/2014 - 9:39:09 AM - [0] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2 version 2.0a
O43 - CFD: 4/17/2013 - 6:29:50 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayPickle
O43 - CFD: 2/24/2013 - 10:08:23 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
O43 - CFD: 1/13/2013 - 11:09:10 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WrapApp
O43 - CFD: 2/2/2014 - 9:02:17 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zone4 Brasil
~ Program Folder: 291 Legitimates Filtered in 00mn AMs



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.42EA2023AEF7DF0700526FA93FA88488] - 6/3/2014 - 1:13:50 AM ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [85824]
O44 - LFC:[MD5.42AB71D1C7E65AF187961F70DEEA419D] - 6/3/2014 - 6:10:02 PM ---A- . (...) -- C:\zoek-results2014-06-03-211002.log   [62711]
O44 - LFC:[MD5.2919BBA38549DFC8AEFCAB6808502544] - 6/4/2014 - 5:21:17 PM ---A- . (...) -- C:\zoek-results2014-06-04-202117.log   [244238]
O44 - LFC:[MD5.B8CF08EA24052E288A826674DBA75EF7] - 6/4/2014 - 7:21:46 PM ---A- . (...) -- C:\Windows\System32\prfc0416.dat   [127896]
O44 - LFC:[MD5.18903A5111917D01F4453D44C5A1EAC7] - 6/4/2014 - 7:21:46 PM ---A- . (...) -- C:\Windows\System32\prfh0416.dat   [663606]
O44 - LFC:[MD5.BD7AE23A4476DF831A291F24425EB250] - 6/4/2014 - 8:06:37 PM ---A- . (...) -- C:\zoek-results.log   [1313]
~ Files: 14 Legitimates Filtered in 01mn AMs



---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks:  Scanned in 00mn AMs



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{7f401d78-b278-11e2-adaa-080027002c55}\AutoRun\command. (...) -- E:\Startme.exe (.not file.)
O51 - MPSK:{cc17553f-0e5c-11e3-a6f0-c89cdc4cca62}\AutoRun\command. (...) -- E:\Startme.exe (.not file.)
~ Keys:  Scanned in 00mn AMs



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Exetender  [Key] . (...) -- C:\Program Files (x86)\Free Ride Games\GPlayer.exe (.not file.)
~ SMSR Keys: 10 Legitimates Filtered in 00mn AMs



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn AMs



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn AMs



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:9/17/2012 - 7:58:30 PM R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys   [288688]
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys   [29208]  =>.ALWIL Software
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys   [65776]  =>.ALWIL Software
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys   [208416]  =>.ALWIL Software
O58 - SDL:3/11/2014 - 12:14:02 AM ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys   [85824]
O58 - SDL:7/13/2009 - 10:47:48 PM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:6/10/2009 - 5:31:59 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:1/4/2012 - 8:01:58 PM ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\HssDrv.sys   [56832]
O58 - SDL:7/13/2009 - 10:45:55 PM ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:12/15/2011 - 8:29:42 PM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys   [31232]
O58 - SDL:8/20/2012 - 11:07:58 PM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901_openvpn_accl.sys   [37912]
O58 - SDL:1/4/2012 - 8:01:54 PM ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\taphss.sys   [37888]
O58 - SDL:7/15/2012 - 10:48:16 AM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tapoas.sys   [30720]
O58 - SDL:5/8/2013 - 9:52:48 AM ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys   [49536]
O58 - SDL:9/23/2013 - 12:20:50 PM ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys   [31088]
~ Drivers: 81 Legitimates Filtered in 03mn AMs



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn AMs



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 5/11/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
~ Legacy: 92 Legitimates Filtered in 00mn AMs



---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn AMs



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
~ Keys:  Scanned in 00mn AMs



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys:  Scanned in 00mn AMs



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][6/3/2014] (...) -- C:\Users\User 1\Desktop\zoek.exe   [1285120]
~ Files: 4 Legitimates Filtered in 00mn AMs



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{0D7D0FDF-20D9-4287-8B33-65391B0B540F}C:\users\user 1\downloads\utorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\user 1\downloads\utorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{26D3ED2D-8C4D-40C6-9A2D-C51D9DB91A1F}C:\users\user 1\downloads\utorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\user 1\downloads\utorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{DEB31190-A0D2-43DF-BE0F-07C43A8D0B01}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User 1\Downloads\uTorrent.exe  =>P2P.BitTorrent
O87 - FAEL: "{E11B2A84-8FF1-4E74-AA86-71964E31921F}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User 1\Downloads\uTorrent.exe  =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 02mn AMs



---\\ Listagem dos dados da chave NameSpace (MNS) (O92)
O92 - MNS:  - {35B6525E-071A-4EA9-B3BD-F6A742572F08}
~ MNS: 1 Legitimates Filtered in 00mn AMs



---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D28CBC8B668D3C8643E65A22C3F86C3B] [WIS][4/18/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\f93f78.msi   [3673600]  =>PUP.SweetIM
~ WIS: 1 Legitimates Filtered in 03mn AMs



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASAPI32  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASMANCS  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FastFreeConverter_Somoto2_RASAPI32  =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FastFreeConverter_Somoto2_RASMANCS  =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASAPI32  =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASMANCS  =>PUP.Funmoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_20120911_RASAPI32  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_20120911_RASMANCS  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASAPI32  =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASMANCS  =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\savings sidekick-bg_RASAPI32  =>Adware.GamePlayLabs
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\savings sidekick-bg_RASMANCS  =>Adware.GamePlayLabs
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS  =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz_RASAPI32  =>PUP.Duuqu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz_RASMANCS  =>PUP.Duuqu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeInstall_RASAPI32  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeInstall_RASMANCS  =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Wajam_RocketFuelInstaller_RASAPI32  =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Wajam_RocketFuelInstaller_RASMANCS  =>PUP.Wajam
~ BTK: 833 Legitimates Filtered in 00mn AMs



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 7/10/1658 0 |  (03e661da) . (...) - c:\progra~3\winfil~1\WinFilterSvc.dll
SS - | Demand 12/21/2013 72704 |  (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Demand 5/14/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 4/26/2012 2438696 |  (CGVPNCliSrvc) . (.mobile concepts GmbH.) - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
SS - | Demand 12/18/2013 654848 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 10/10/2012 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/10/2012 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/16/2012 115168 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 7/10/1658 0 |  (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Auto 10/23/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 2/4/2013 155824 |  (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SS - | Auto 7/10/1658 0 |  (VIAKaraokeService) . (...) - C:\Windows\System32\viakaraokesrv.exe
SS - | Demand 7/10/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SS - | Disabled 7/13/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 5/10/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 5/11/2014 50344 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 2/28/2006 229376 |  (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 5/21/2014 2135232 |  (DragonUpdater) . (...) - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
SR - | Auto 5/13/2014 2228048 |  (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 4/15/2014 377616 |  (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 12/20/2010 325656 |  (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 7/20/2009 935208 |  (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 3/10/2010 189728 |  (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 12/20/2010 2656280 |  (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 7/13/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 06mn AMs



---\\ Scâner Aditional (088)
Database Version : 13026 - (5/30/2014)
Clés trouvées (Keys found) : 26
Valeurs trouvées (Values found) : 2
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 2

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\TidyNetwork.com]   =>Adware.TidyNetwork^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}]   =>PUP.SpecialSavings
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =>PUP.SweetIM
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv]   =>Trojan.Adclicker
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\360Safe]   =>Trojan.Lozavita
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =>PUP.SweetIM^
[HKLM\Software\Wow6432Node\SK.Enhancer]   =>Adware.SurfAndKeep^
C:\Windows\Installer\f93f78.msi   =>PUP.SweetIM^
~ Additionnel Scan: 307517 Items scanned in 54mn AMs



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.Proxy
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Hijacker.22Find
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.TidyNetwork
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.SurfAndKeep
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.SweetIM
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.Bandoo
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.MegaSearch
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Funmoods
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.IMBooster
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.OptimizerPro
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.GamePlayLabs
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Duuqu
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Adware.VisualBeeToolbar
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Wajam
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.SpecialSavings
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]  =>Trojan.Lozavita
~ MSI: 17 link(s) detected in 00mn AMs



~ 1045 Legitimates filtered by white list
End of the scan (638 lines in 34mn AMs)(0)
speed2050
speed2050
Iniciante
Iniciante

Mensagens : 22
Reputação : 0
Data de inscrição : 03/06/2014

Ir para o topo Ir para baixo

CE_UmbrellaCert como remove-lo ? Empty Re: CE_UmbrellaCert como remove-lo ?

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Página 1 de 2 1, 2  Seguinte

Ir para o topo

- Tópicos semelhantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

 
Permissões neste sub-fórum
Não podes responder a tópicos