CE_UmbrellaCert: how to remove it?
Re: CE_UmbrellaCert: how to remove it?
I suggest you uninstall Bonjour, which is unnecessary.
_______________________________________________________________________________________________________________________
There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:
[You must have an account and be logged in to view this link]
Preferably, leave only the security programs (antivirus/anti-spyware/firewall) starting along with Windows.
Also use the CCleaner program, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
______________________________________________________________________________________________________________________
Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________
Go to the menu: Start > All Programs > ZHP > right-click ZHPFix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will appear in Notepad.
Copy this report and post it in your next reply.
Last edited by Power Max on Thu 05 Jun 2014, 01:02; edited 1 time
_________________
Caixa de Dicas = Always with new tutorials and news on computing, technology and miscellany.
[You must have an account and be logged in to view this link] = The best of the internet, you will find it here.
[You must have an account and be logged in to view this link] = Messages of faith and hope for your heart
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
(SOLVED) hm
Well, solving the CE_UmbrellaCert problem will already be good enough for me, my friend. After that I will use CCleaner as you recommended, but right now I am waiting for ZHPFix to create the logs.
speed2050 - Beginner
- Posts: 22
Reputation: 0
Join date: 03/06/2014
(SOLVED) zhp logs
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by User 1 at 6/4/2014 11:51:23 PM
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit (Build 7600)
Reciclagem vazia (53mn AMs)
Reparação de atalhos do navegador
========== Softwares ==========
AUSENTE Uninstall Process: c:\program files (x86)\acelerador de downloads\unins000.exe
AUSENTE Uninstall Process: c:\users\user 1\appdata\roaming\contentexplorer\uninstall.exe
========== Chaves do Registo ==========
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33BB1D6F-2708-4B3F-92FC-639B9540F1A1}_is1]
ELIMINÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ContentExplorer]
ELIMINÉ: Service: 03e661da
ELIMINÉ: HKCU\Software\ContentExplorer
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\SK.Enhancer
ELIMINÉ: HKLM\Software\Wow6432Node\ZUpdater
ELIMINÉ CLSID MPSK: {7f401d78-b278-11e2-adaa-080027002c55}
ELIMINÉ CLSID MPSK: {cc17553f-0e5c-11e3-a6f0-c89cdc4cca62}
ELIMINÉ:* StartupReg: Exetender
ELIMINÉ:* CLSID NameSpace: {35B6525E-071A-4EA9-B3BD-F6A742572F08}
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DefaultTabSearch_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FastFreeConverter_Somoto2_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\FastFreeConverter_Somoto2_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\funmoods_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_20120911_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IminentSetup_20120911_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\savings sidekick-bg_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\savings sidekick-bg_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeInstall_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeInstall_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Wajam_RocketFuelInstaller_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Wajam_RocketFuelInstaller_RASMANCS
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\TidyNetwork.com
ELIMINÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv
========== Valores do Registo ==========
ELIMINÉ RunValue: RGSC
ELIMINÉ RunValue: Weather
ELIMINÉ RunValue: PSwitch
ELIMINÉ RunValue: VeodinKeyRocket
ELIMINÉ RunValue: Akamai NetSession Interface
ELIMINÉ RunValue: ContentExplorer
ELIMINÉ RunValue: Exetender
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =
========== Preferências do navegador ==========
ELIMINÉ: Opera Start Page: [You must have an account and be logged in to view this link]
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\user 1\desktop\ddtank.lnk
ELIMINA REINICIAR: c:\users\user 1\appdata\local\akamai\netsession_win.exe
ELIMINA REINICIAR: c:\users\user 1\appdata\roaming\contentexplorer\contentexplorer.exe
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINÉ: C:\Windows\Installer\f93f78.msi
ELIMINÉ Temporários windows (122) (2,604,861 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: Baidu PC Faster Service
ELIMINÉ: Baidu PC Faster Update
ELIMINÉ: Registry Optimizer
ELIMINÉ: {54A1D7F2-178E-4BF0-8CCC-6D5692CD7135}
ELIMINÉ: {D7CB7C34-C82C-4E01-84DC-C7BD1FC12609}
ELIMINÉ: {E295344F-AB0A-4B74-806B-1C89D6B7B80B}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
55 : Chaves do Registo
13 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
7 : Ficheiros
2 : Softwares
1 : Preferências do navegador
6 : Tarefa planificada
1 : Restauração Sistema
End of clean in 21mn AMs
========== Caminho do ficheiro do relatório ==========
C:\Users\User 1\AppData\Roaming\ZHP\ZHPFix[R1].txt - 6/4/2014 11:52:17 PM [7781]
speed2050 - Beginner
- Posts: 22
Reputation: 0
Join date: 03/06/2014
Re: CE_UmbrellaCert: how to remove it?
Restart the PC so that ZHP can complete its cleanup. After restarting, do the following:
Open ZHPDiag again.
|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.
|- Click OK and, when it finishes, post the ZHPDiag.txt report.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
(SOLVED) part 1 zhp txt
~ Tradução pelo utilizador
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 12.0
GCIE: Google Chrome v35.0.1916.114
OPIE: Opera v12.17
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit (Build 7600)
Windows Server License Manager Script : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7 (Activate)
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v3.2.3.28705 =>P2P.µTorrent
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 21
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4002.9 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 308 GB (66%) free of 466 GB
---\\ Modo de conexão ao sistema
~ Computer Name: USER1-PC
~ User Name: User 1
~ All Users Names: User 1, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User 1\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User 1\AppData\Roaming\
~ %Desktop% : C:\Users\User 1\Desktop\
~ %Favorites% : C:\Users\User 1\Favorites\
~ %LocalAppData% : C:\Users\User 1\AppData\Local\
~ %StartMenu% : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 308 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn AMs
---\\ Pesquisa particular de ficheiros genéricos
~ Generic Processes: Scanned in 00mn AMs
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/15
~ Mes Videos (My Videos) : 1/65
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 2/253
~ Mon Bureau (My Desktop) : 3/4694
~ Menu demarrer (Programs) : 1/65
~ Hidden Files: Scanned in 07mn AMs
---\\ Processos lançados
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3344]
[MD5.92BC91BEB19BE1F03DB9664AD47120B2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [3888648] [PID.3380]
[MD5.2F0DEB0C6413D9DEABFD95A950A422CD] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736] [PID.3408]
[MD5.EF175F7E495F0EEF516BE76A3F3D3011] - (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe [1261248] [PID.4060]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.2564]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8020480] [PID.3872]
~ Processes Running: Scanned in 00mn AMs
---\\ Opera, Plugins,Arranque,Pesquisa (P1,B0,B1)
B0 - SPO: operaprefs.ini [User 1] Home URL=http://www.google.com/
~ Opera Browser: 1 Legitimates Filtered in 00mn AMs
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn AMs
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-br.xml
P2 - FPN: [HKCU] [BalancedWorlds.com/WebLauncher] - (.BalancedWorlds - web plugin used to launch client.) -- C:\Users\User 1\AppData\Local\Balanced Worlds\BWGameEngine\npWebLauncher.dll
~ Firefox Browser: 10 Legitimates Filtered in 00mn AMs
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54893;https=127.0.0.1:54893; =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn AMs
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn AMs
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn AMs
~ Nombre de lignes (Lines number): 21
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
~ Toolbar: Scanned in 00mn AMs
---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [User 1]: µTorrent.lnk . (...) -- C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
~ Global Startup: 1 Legitimates Filtered in 04mn AMs
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Users\User 1\Daemon tools lite\DTLite.exe =>.DT Soft Ltd
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3871448519-1215792208-1213526283-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Users\User 1\Daemon tools lite\DTLite.exe =>.DT Soft Ltd
~ Application: Scanned in 00mn AMs
---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Anotações Vinculadas do OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn AMs
---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\Domains] http.aeriagames.com
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
~ IE Zone Confiance: Scanned in 00mn AMs
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D3C7E4D-846B-4760-938D-6A838DB7FEAE}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{63589A80-2960-4539-9986-BC1B314358B4}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{8B45A0FF-26B3-447B-A665-86480CBF9224}: NameServer = 10.17.92.253 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{63589A80-2960-4539-9986-BC1B314358B4}: DhcpNameServer = 172.31.1.1 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.31.1.1 8.8.8.8 8.8.4.4
~ Domain: Scanned in 00mn AMs
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn AMs
---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn AMs
---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\Tasks\Final Media Player Update Checker.job [412]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Final Media Player Update Checker [412]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1064]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1068]
~ Scheduled Task: 16 Legitimates Filtered in 03mn AMs
---\\ Software instalados (042)
O42 - Logiciel: 3DSexVilla2 - (.ThriXXX.) [HKCU][64Bits] -- 3DSexVilla2
O42 - Logiciel: BMICalculator - (...) [HKLM][64Bits] -- BMICalculator
O42 - Logiciel: Bomberman Online World 4.5 BR versão 4.5.0 - (...) [HKLM][64Bits] -- {8F9B6DF7-24F7-4F40-9F27-B76F8F2D1BEA}_is1
O42 - Logiciel: Bá Vương Online - (.PlayPark.vn.) [HKLM][64Bits] -- {45CCF4CB-EB83-4CE9-9D57-4D95C94A45C9}_is1
O42 - Logiciel: DETRAN-PE - Prova Eletrônica 4.1 - (.DETRAN-PE.) [HKLM][64Bits] -- {D529C0D9-C9D7-4E6E-82F1-66F1A821EAD6}_is1
O42 - Logiciel: DMO Egg Adder version 1.1 - (.Cheater, Inc..) [HKLM][64Bits] -- {69487137-DB13-4CDB-B7B1-5F800A9F19E9}_is1
O42 - Logiciel: Define Ext - (.DefineExt.com.) [HKCU][64Bits] -- Define Ext
O42 - Logiciel: EZ Macros - (...) [HKLM][64Bits] -- EZMacros
O42 - Logiciel: Efficient WMA MP3 Converter version 0.99.9.3 - (...) [HKLM][64Bits] -- Efficient WMA MP3 Converter_is1
O42 - Logiciel: GDMO - (...) [HKLM][64Bits] -- DMO
O42 - Logiciel: Gerenciador de Downloads - (.Level Up! Gerenciador.) [HKCU][64Bits] -- a54e16f5d00985b6
O42 - Logiciel: Grand Chase - (.KOG.) [HKLM][64Bits] -- GrandChaseInstaller_is1
O42 - Logiciel: Little Fighter - (...) [HKLM][64Bits] -- Little Fighter
O42 - Logiciel: MuAwaY versão 97d+1.0 Custons Completo - (.MuAwaY, Inc..) [HKLM][64Bits] -- {36ABC48E-0DB5-4DA8-A6EE-1F491D2C563C}_is1
O42 - Logiciel: Paint XP version 1.1 - (.MSPAINTXP.COM.) [HKLM][64Bits] -- {2367FAB6-055A-4923-835F-F57F7BBBA363}_is1
O42 - Logiciel: Play Pickle Games Console - (.Play Turtle,LLC.) [HKCU][64Bits] -- PlayPickle
O42 - Logiciel: Responding Heads - (.AdSa Software Development.) [HKLM][64Bits] -- {72273B4F-D703-4F02-BB03-A5D04A30B260}
O42 - Logiciel: Sexy Beach 3 Platinum Pack - (.ILLUSION.) [HKLM][64Bits] -- {BE43FDDD-F003-494F-952A-69731FF82197}
O42 - Logiciel: Super nude patch 3 1.0 - (.Pandora sims.) [HKLM][64Bits] -- Super_nude_patch_II_1.0
O42 - Logiciel: Tintii - (...) [HKLM][64Bits] -- tintii
O42 - Logiciel: Warmux - (...) [HKLM][64Bits] -- Warmux
O42 - Logiciel: Zone4 Brasil - (...) [HKCU][64Bits] -- Zone4 Brasil
~ Logic: 44 Legitimates Filtered in 01mn AMs
---\\ HKCU & HKLM Software Keys
[HKCU\Software\4kdownload.com]
[HKCU\Software\AI_RecycleBin]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\IncrediMail]
[HKCU\Software\Install]
[HKCU\Software\Misfit Code]
[HKCU\Software\Nimonix]
[HKCU\Software\ONGAME]
[HKCU\Software\Pando Networks]
[HKCU\Software\Pelikan13]
[HKCU\Software\RobloxReg]
[HKCU\Software\StudioQTRobloxReg]
[HKCU\Software\TidyNetwork.com] =>Adware.TidyNetwork
[HKCU\Software\UltraDownloads.com.br]
[HKCU\Software\WrapApp]
[HKCU\Software\indii.org]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Define Ext]
[HKLM\Software\Wow6432Node\Deskmedia]
[HKLM\Software\Wow6432Node\File Type Helper]
[HKLM\Software\Wow6432Node\ILLUSION]
[HKLM\Software\Wow6432Node\LessTabs]
[HKLM\Software\Wow6432Node\Level Up! Interactive]
[HKLM\Software\Wow6432Node\Level Up!]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\PlayPark]
[HKLM\Software\Wow6432Node\indii.org]
~ Key Software: 527 Legitimates Filtered in 01mn AMs
~ Estatuto da versão : Nova Versão disponivel
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 12.0
GCIE: Google Chrome v35.0.1916.114
OPIE: Opera v12.17
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit (Build 7600)
Windows Server License Manager Script : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware versão 1.75.0.1300
Windows Defender W7 (Activate)
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
µTorrent v3.2.3.28705 =>P2P.µTorrent
---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 21
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4002.9 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 308 GB (66%) free of 466 GB
---\\ Modo de conexão ao sistema
~ Computer Name: USER1-PC
~ User Name: User 1
~ All Users Names: User 1, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\User 1\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\User 1\AppData\Roaming\
~ %Desktop% : C:\Users\User 1\Desktop\
~ %Favorites% : C:\Users\User 1\Favorites\
~ %LocalAppData% : C:\Users\User 1\AppData\Local\
~ %StartMenu% : C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 308 Go of 466 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn AMs
---\\ Pesquisa particular de ficheiros genéricos
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Windows Explorer.) (.7/13/2009 - 10:39:10 PM.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.7/13/2009 - 10:39:52 PM.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Internet Extensions para Win32.) (.7/13/2009 - 10:41:56 PM.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.7/13/2009 - 10:39:52 PM.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.7/13/2009 - 10:41:54 PM.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.7/13/2009 - 8:21:42 PM.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/13/2009 - 10:52:21 PM.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/13/2009 - 8:19:47 PM.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.7/13/2009 - 8:19:54 PM.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.7/13/2009 - 8:23:44 PM.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.7/13/2009 - 9:06:13 PM.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.7/13/2009 - 8:19:57 PM.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.7/13/2009 - 9:10:03 PM.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.7/13/2009 - 8:24:00 PM.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.7/13/2009 - 8:21:29 PM.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.7/13/2009 - 10:48:27 PM.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.7/13/2009 - 9:00:41 PM.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.7/13/2009 - 9:10:12 PM.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.7/13/2009 - 9:18:02 PM.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.7/13/2009 - 9:09:09 PM.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.7/13/2009 - 8:21:15 PM.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.7/13/2009 - 10:45:55 PM.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes: Scanned in 00mn AMs
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 1/15
~ Mes Videos (My Videos) : 1/65
~ Mes Favoris (My Favorites) : 1/22
~ Mes Documents (My Documents) : 2/253
~ Mon Bureau (My Desktop) : 3/4694
~ Menu demarrer (Programs) : 1/65
~ Hidden Files: Scanned in 07mn AMs
---\\ Processos lançados
[MD5.CE5C9977DA751DDC30952AC4DCBCA788] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3344]
[MD5.92BC91BEB19BE1F03DB9664AD47120B2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [3888648] [PID.3380]
[MD5.2F0DEB0C6413D9DEABFD95A950A422CD] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736] [PID.3408]
[MD5.EF175F7E495F0EEF516BE76A3F3D3011] - (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe [1261248] [PID.4060]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.2564]
[MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8020480] [PID.3872]
~ Processes Running: Scanned in 00mn AMs
---\\ Opera, Plugins,Arranque,Pesquisa (P1,B0,B1)
B0 - SPO: operaprefs.ini [User 1] Home URL=http://www.google.com/
~ Opera Browser: 1 Legitimates Filtered in 00mn AMs
---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\User 1\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn AMs
---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
C:\Users\User 1\AppData\Roaming\Mozilla\Firefox\Profiles\7wjtq2xo.default\prefs.js
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [User 1] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-br.xml
speed2050 - Beginner
- Posts: 22
Reputation: 0
Registration date: 03/06/2014
(RESOLVED) zhp part 2
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 6/3/2014 - 1:05:02 AM - [] ----D C:\Program Files (x86)\4KDownload
O43 - CFD: 1/13/2013 - 11:10:17 PM - [0] ----D C:\Program Files (x86)\BMICalculator
O43 - CFD: 5/23/2013 - 9:21:30 AM - [] ----D C:\Program Files (x86)\DETRAN-PE - Prova Eletrônica
O43 - CFD: 4/6/2014 - 12:45:11 AM - [0] ----D C:\Program Files (x86)\DMO Egg Adder
O43 - CFD: 2/13/2014 - 1:58:33 AM - [] ----D C:\Program Files (x86)\Efficient WMA MP3 Converter
O43 - CFD: 4/24/2014 - 1:15:46 AM - [] ----D C:\Program Files (x86)\FarCry 3
O43 - CFD: 2/2/2014 - 9:02:17 PM - [] ----D C:\Program Files (x86)\ONGAME
O43 - CFD: 4/2/2014 - 1:02:32 AM - [] ----D C:\Program Files (x86)\Paint XP
O43 - CFD: 7/19/2013 - 2:19:59 PM - [0] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 10/24/2013 - 10:57:05 PM - [] ----D C:\Program Files (x86)\PlayPark
O43 - CFD: 10/22/2013 - 1:23:41 PM - [] ----D C:\Program Files (x86)\Silent Hill Homecoming
O43 - CFD: 1/24/2014 - 6:06:42 PM - [0] ----D C:\Program Files (x86)\Speed Gear
O43 - CFD: 12/26/2012 - 11:56:34 PM - [] ----D C:\Program Files (x86)\Warmux
O43 - CFD: 1/13/2013 - 11:06:30 PM - [] ----D C:\Program Files (x86)\WrapApp
O43 - CFD: 10/12/2012 - 10:22:30 AM - [] ----D C:\ProgramData\levelup downloader
O43 - CFD: 8/6/2013 - 10:28:37 PM - [] ----D C:\Users\User 1\AppData\Roaming\BoneTown
O43 - CFD: 6/5/2014 - 12:08:10 AM - [0] ----D C:\Users\User 1\AppData\Roaming\ContentExplorer
O43 - CFD: 6/3/2014 - 1:07:17 AM - [] ----D C:\Users\User 1\AppData\Local\4kdownload.com
O43 - CFD: 10/12/2012 - 2:05:49 AM - [] ----D C:\Users\User 1\AppData\Local\Balanced Worlds
O43 - CFD: 10/12/2012 - 10:22:30 AM - [] ----D C:\Users\User 1\AppData\Local\Level Up!
O43 - CFD: 2/24/2013 - 10:44:53 PM - [] ----D C:\Users\User 1\AppData\Local\Roblox
O43 - CFD: 2/16/2014 - 9:30:07 PM - [] ----D C:\Users\User 1\AppData\Local\Veodin
O43 - CFD: 2/13/2014 - 1:59:01 AM - [] ----D C:\Users\User 1\AppData\Local\WmaMp3-Converter.com
O43 - CFD: 4/2/2013 - 1:21:39 AM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3DSexVilla2
O43 - CFD: 8/5/2013 - 7:44:39 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Define Ext
O43 - CFD: 10/14/2012 - 11:51:30 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up!
O43 - CFD: 11/12/2013 - 9:56:41 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up! Gerenciador
O43 - CFD: 2/10/2014 - 9:39:09 AM - [0] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Fighter 2 version 2.0a
O43 - CFD: 4/17/2013 - 6:29:50 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayPickle
O43 - CFD: 2/24/2013 - 10:08:23 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
O43 - CFD: 1/13/2013 - 11:09:10 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WrapApp
O43 - CFD: 2/2/2014 - 9:02:17 PM - [] ----D C:\Users\User 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zone4 Brasil
~ Program Folder: 290 Legitimates Filtered in 02mn AMs
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.42EA2023AEF7DF0700526FA93FA88488] - 6/3/2014 - 1:13:50 AM ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [85824]
O44 - LFC:[MD5.42AB71D1C7E65AF187961F70DEEA419D] - 6/3/2014 - 6:10:02 PM ---A- . (...) -- C:\zoek-results2014-06-03-211002.log [62711]
O44 - LFC:[MD5.2919BBA38549DFC8AEFCAB6808502544] - 6/4/2014 - 5:21:17 PM ---A- . (...) -- C:\zoek-results2014-06-04-202117.log [244238]
O44 - LFC:[MD5.B8CF08EA24052E288A826674DBA75EF7] - 6/4/2014 - 7:21:46 PM ---A- . (...) -- C:\Windows\System32\prfc0416.dat [127896]
O44 - LFC:[MD5.18903A5111917D01F4453D44C5A1EAC7] - 6/4/2014 - 7:21:46 PM ---A- . (...) -- C:\Windows\System32\prfh0416.dat [663606]
O44 - LFC:[MD5.BD7AE23A4476DF831A291F24425EB250] - 6/4/2014 - 8:06:37 PM ---A- . (...) -- C:\zoek-results.log [1313]
~ Files: 14 Legitimates Filtered in 07mn AMs
---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn AMs
---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Akamai NetSession Interface [Key] . (...) -- C:\Users\User 1\AppData\Local\Akamai\netsession_win.exe (.not file.)
~ SMSR Keys: 9 Legitimates Filtered in 00mn AMs
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn AMs
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn AMs
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:9/17/2012 - 7:58:30 PM R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:5/11/2014 - 12:33:20 PM ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] =>.ALWIL Software
O58 - SDL:3/11/2014 - 12:14:02 AM ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\BprotectEx.sys [85824]
O58 - SDL:7/13/2009 - 10:47:48 PM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:6/10/2009 - 5:31:59 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:1/4/2012 - 8:01:58 PM ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\HssDrv.sys [56832]
O58 - SDL:7/13/2009 - 10:45:55 PM ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:12/15/2011 - 8:29:42 PM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [31232]
O58 - SDL:8/20/2012 - 11:07:58 PM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901_openvpn_accl.sys [37912]
O58 - SDL:1/4/2012 - 8:01:54 PM ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\taphss.sys [37888]
O58 - SDL:7/15/2012 - 10:48:16 AM ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tapoas.sys [30720]
O58 - SDL:5/8/2013 - 9:52:48 AM ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpkm.sys [49536]
O58 - SDL:9/23/2013 - 12:20:50 PM ---A- . (.GbPlugin NDIS Device Driver - GbPlugin NDIS Device Driver.) -- C:\Windows\SysWOW64\drivers\gbpndisrd.sys [31088]
~ Drivers: 81 Legitimates Filtered in 02mn AMs
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn AMs
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 5/11/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
~ Legacy: 92 Legitimates Filtered in 00mn AMs
---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn AMs
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
~ Keys: Scanned in 00mn AMs
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn AMs
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][6/3/2014] (...) -- C:\Users\User 1\Desktop\zoek.exe [1285120]
~ Files: 4 Legitimates Filtered in 00mn AMs
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{0D7D0FDF-20D9-4287-8B33-65391B0B540F}C:\users\user 1\downloads\utorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\user 1\downloads\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "UDP Query User{26D3ED2D-8C4D-40C6-9A2D-C51D9DB91A1F}C:\users\user 1\downloads\utorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\users\user 1\downloads\utorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{DEB31190-A0D2-43DF-BE0F-07C43A8D0B01}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User 1\Downloads\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{E11B2A84-8FF1-4E74-AA86-71964E31921F}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Users\User 1\Downloads\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 02mn AMs
---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 815 Legitimates Filtered in 00mn AMs
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 12/21/2013 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Demand 5/14/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 4/26/2012 2438696 | (CGVPNCliSrvc) . (.mobile concepts GmbH.) - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
SS - | Demand 12/18/2013 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 10/10/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/10/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/16/2012 115168 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 7/10/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Auto 10/23/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 2/4/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SS - | Auto 7/10/1658 0 | (VIAKaraokeService) . (...) - C:\Windows\System32\viakaraokesrv.exe
SS - | Demand 7/10/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Disabled 7/13/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 5/10/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 5/11/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 2/28/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 5/21/2014 2135232 | (DragonUpdater) . (...) - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
SR - | Auto 5/13/2014 2228048 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 4/15/2014 377616 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SR - | Auto 12/20/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 7/20/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 3/10/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 12/20/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 7/13/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 06mn AMs
---\\ Scâner Aditional (088)
Database Version : 13026 - (5/30/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKCU\Software\TidyNetwork.com] =>Adware.TidyNetwork^
~ Additionnel Scan: 306998 Items scanned in 10mn AMs
---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Hijacker.Proxy
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.TidyNetwork
~ MSI: 2 link(s) detected in 00mn AMs
~ 1029 Legitimates filtered by white list
End of the scan (520 lines in 11mn AMs)(0)
speed2050 - Beginner
- Posts: 22
Reputation: 0
Join date: 03/06/2014
Re: CE_UmbrellaCert, how do I remove it?
Select and copy all of the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________
Go to the menu: Start > All Programs > ZHP > right-click Zhpfix and choose Run as administrator > click Importação (Import) > click the GO button > click Oui > if you want the files in the Recycle Bin to be deleted, click Oui again > a report will open in Notepad.
Copy this report, post it in your next reply, and tell us how the PC is doing after this.
Last edited by Power Max on Thu 05 Jun 2014, 01:01; edited 1 time
_________________
Caixa de Dicas = Always with new tutorials and news on computing, technology and miscellany.
[You must have an account and be logged in to view this link] = The best of the internet is right here.
[You must have an account and be logged in to view this link] = Messages of faith and hope for your heart
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
(SOLVED) the message
The message has stopped opening. I don't know whether that's just for now, but my PC is faster and running smoothly. Is it really necessary to take this other step?
speed2050 - Beginner
- Posts: 22
Reputation: 0
Join date: 03/06/2014
Re: CE_UmbrellaCert, how do I remove it?
Do as I described above and post the ZHP log.
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
(SOLVED) logs
Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by User 1 at 6/5/2014 12:55:02 AM
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit (Build 7600)
Reciclagem vazia (03mn AMs)
Reparação de atalhos do navegador
========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\TidyNetwork.com
ELIMINÉ:* StartupReg: Akamai NetSession Interface
========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ: R1 Search Page =
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotectex.sys
ELIMINÉ Temporários windows (3) (0 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
2 : Chaves do Registo
6 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
3 : Ficheiros
1 : Restauração Sistema
End of clean in 13mn AMs
========== Caminho do ficheiro do relatório ==========
C:\Users\User 1\AppData\Roaming\ZHP\ZHPFix[R1].txt - 6/4/2014 11:52:17 PM [7863]
C:\Users\User 1\AppData\Roaming\ZHP\ZHPFix[R2].txt - 6/5/2014 12:55:05 AM [1441]
speed2050 - Beginner
- Posts: 22
Reputation: 0
Join date: 03/06/2014
Re: CE_UmbrellaCert, how do I remove it?
Has the problem been resolved?
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
(SOLVED) yes
Yes, I love you, Power Max!!!!
speed2050 - Beginner
- Posts: 22
Reputation: 0
Join date: 03/06/2014
Re: CE_UmbrellaCert, how do I remove it?
I'm glad the problem has been resolved.
To finish up, update the Malwarebytes you already have installed on your PC, run a full scan with it, and remove whatever problems it finds. After that, please follow the tutorials below:
[You must have an account and be logged in to view this link]
_______________________________________________________________________________________________________________________
To remove the programs used to clean this PC and create a new, safe, problem-free restore point, use DelFix, following the tips [You must have an account and be logged in to view this link].
_______________________________________________________________________________________________________________________
It was a pleasure to help. You can always count on us!
Power Max - Contributor
- Posts: 9086
Reputation: 1499
Join date: 14/04/2009
Re: CE_UmbrellaCert, how do I remove it?
CASE SOLVED
If the topic's author needs it, the topic will be reopened; to request this, contact one of the members of the [You must have an account and be logged in to view this link] and ask for it to be unlocked.
Danii - Full Member
- Posts: 571
Reputation: 80
Join date: 04/04/2014
Location: Brazil