Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 14 usuários online :: 0 registrados, 0 invisíveis e 14 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Remover CE_UmbrellaCert
2 participantes
Página 1 de 2
Página 1 de 2 • 1, 2
Remover CE_UmbrellaCert
Bom dia, também estou com o problema com este certificado, toda vez que ligo o Pc aparece mensagem sobre a instalação desse certificado. Alguém pode me ajudar a resolver. Desde já agradeço.
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Olá Benjamim.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
Muito obrigado pela ajuda e de forma tão rápida!
Após a reinicialização do Pc a msg voltou aparecer.
# AdwCleaner v3.301 - Relatório criado 28/07/2014 às 15:31:28
# Atualizado 28/07/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Drogaria Meca - DROGARIAMECA-PC
# Executando de : C:\Users\Drogaria Meca\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : netfilter64
***** [ Arquivos / Pastas ] *****
[!] Pasta Deletada : C:\ProgramData\Babylon
[!] Pasta Deletada : C:\ProgramData\baidu
[!] Pasta Deletada : C:\ProgramData\Tarma Installer
[!] Pasta Deletada : C:\Program Files (x86)\baidu
[!] Pasta Deletada : C:\Program Files (x86)\goforfiles
[!] Pasta Deletada : C:\Users\DROGAR~1\AppData\Local\Temp\baidu
[!] Pasta Deletada : C:\Users\DROGAR~1\AppData\Local\Temp\NativeMessaging
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Local\Conduit
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Local\NativeMessaging
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\LocalLow\Conduit
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\baidu
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\goforfiles
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\pdfforge
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\VOPackage
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLVM Player
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[!] Pasta Deletada : C:\Users\Public\Documents\baidu
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\System32\drivers\netfilter64.sys
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\invalidprefs.js
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\searchplugins\Babylon.xml
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\user.js
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tarefas ] *****
Tarefa Deletedo : GoforFilesUpdate
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-net-framework_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-net-framework_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\BABSOLUTION
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\GoforFiles
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKLM\Software\AllDaySavings
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\GoforFiles
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v30.0 (pt-BR)
[ Arquivo : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\prefs.js ]
Linha deletada : user_pref("extensions.delta.admin", false);
Linha deletada : user_pref("extensions.delta.aflt", "babsst");
Linha deletada : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Linha deletada : user_pref("extensions.delta.autoRvrt", "false");
Linha deletada : user_pref("extensions.delta.dfltLng", "pt");
Linha deletada : user_pref("extensions.delta.excTlbr", false);
Linha deletada : user_pref("extensions.delta.ffxUnstlRst", true);
Linha deletada : user_pref("extensions.delta.id", "764494e100000000000000270e3bef79");
Linha deletada : user_pref("extensions.delta.instlDay", "15915");
Linha deletada : user_pref("extensions.delta.instlRef", "sst");
Linha deletada : user_pref("extensions.delta.newTab", false);
Linha deletada : user_pref("extensions.delta.prdct", "delta");
Linha deletada : user_pref("extensions.delta.prtnrId", "delta");
Linha deletada : user_pref("extensions.delta.rvrt", "false");
Linha deletada : user_pref("extensions.delta.smplGrp", "none");
Linha deletada : user_pref("extensions.delta.tlbrId", "base");
Linha deletada : user_pref("extensions.delta.tlbrSrchUrl", "");
Linha deletada : user_pref("extensions.delta.vrsn", "1.8.22.0");
Linha deletada : user_pref("extensions.delta.vrsnTs", "1.8.22.016:52:43");
Linha deletada : user_pref("extensions.delta.vrsni", "1.8.22.0");
Linha deletada : user_pref("extensions.delta_i.babExt", "");
Linha deletada : user_pref("extensions.delta_i.babTrack", "affID=119294&tt=290713_ctrl&tsp=4958");
Linha deletada : user_pref("extensions.delta_i.srcExt", "ss");
-\\ Google Chrome v
[ Arquivo : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [Extension] : cflheckfmhopnialghigdlggahiomebp
*************************
AdwCleaner[R0].txt - [18065 octets] - [28/07/2014 15:28:56]
AdwCleaner[S0].txt - [17010 octets] - [28/07/2014 15:31:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17071 octets] ##########
Após a reinicialização do Pc a msg voltou aparecer.
# AdwCleaner v3.301 - Relatório criado 28/07/2014 às 15:31:28
# Atualizado 28/07/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Drogaria Meca - DROGARIAMECA-PC
# Executando de : C:\Users\Drogaria Meca\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : netfilter64
***** [ Arquivos / Pastas ] *****
[!] Pasta Deletada : C:\ProgramData\Babylon
[!] Pasta Deletada : C:\ProgramData\baidu
[!] Pasta Deletada : C:\ProgramData\Tarma Installer
[!] Pasta Deletada : C:\Program Files (x86)\baidu
[!] Pasta Deletada : C:\Program Files (x86)\goforfiles
[!] Pasta Deletada : C:\Users\DROGAR~1\AppData\Local\Temp\baidu
[!] Pasta Deletada : C:\Users\DROGAR~1\AppData\Local\Temp\NativeMessaging
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Local\Conduit
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Local\NativeMessaging
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\LocalLow\Conduit
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\baidu
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\goforfiles
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\pdfforge
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\VOPackage
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLVM Player
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[!] Pasta Deletada : C:\Users\Public\Documents\baidu
[!] Pasta Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp
Arquivo Deletada : C:\END
Arquivo Deletada : C:\Windows\System32\drivers\netfilter64.sys
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\invalidprefs.js
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\searchplugins\Babylon.xml
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\user.js
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tarefas ] *****
Tarefa Deletedo : GoforFilesUpdate
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Chave Deletedo : HKLM\SOFTWARE\Classes\Prod.cap
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\APN_ATU3__RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\webcakeupdater
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-net-framework_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-net-framework_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Chave Deletedo : HKCU\Software\APN PIP
Chave Deletedo : HKCU\Software\BABSOLUTION
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\GoforFiles
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKLM\Software\AllDaySavings
Chave Deletedo : HKLM\Software\DataMngr
Chave Deletedo : HKLM\Software\GoforFiles
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\PIP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Chave Deletedo : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v30.0 (pt-BR)
[ Arquivo : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\prefs.js ]
Linha deletada : user_pref("extensions.delta.admin", false);
Linha deletada : user_pref("extensions.delta.aflt", "babsst");
Linha deletada : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Linha deletada : user_pref("extensions.delta.autoRvrt", "false");
Linha deletada : user_pref("extensions.delta.dfltLng", "pt");
Linha deletada : user_pref("extensions.delta.excTlbr", false);
Linha deletada : user_pref("extensions.delta.ffxUnstlRst", true);
Linha deletada : user_pref("extensions.delta.id", "764494e100000000000000270e3bef79");
Linha deletada : user_pref("extensions.delta.instlDay", "15915");
Linha deletada : user_pref("extensions.delta.instlRef", "sst");
Linha deletada : user_pref("extensions.delta.newTab", false);
Linha deletada : user_pref("extensions.delta.prdct", "delta");
Linha deletada : user_pref("extensions.delta.prtnrId", "delta");
Linha deletada : user_pref("extensions.delta.rvrt", "false");
Linha deletada : user_pref("extensions.delta.smplGrp", "none");
Linha deletada : user_pref("extensions.delta.tlbrId", "base");
Linha deletada : user_pref("extensions.delta.tlbrSrchUrl", "");
Linha deletada : user_pref("extensions.delta.vrsn", "1.8.22.0");
Linha deletada : user_pref("extensions.delta.vrsnTs", "1.8.22.016:52:43");
Linha deletada : user_pref("extensions.delta.vrsni", "1.8.22.0");
Linha deletada : user_pref("extensions.delta_i.babExt", "");
Linha deletada : user_pref("extensions.delta_i.babTrack", "affID=119294&tt=290713_ctrl&tsp=4958");
Linha deletada : user_pref("extensions.delta_i.srcExt", "ss");
-\\ Google Chrome v
[ Arquivo : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deletedo [Extension] : cflheckfmhopnialghigdlggahiomebp
*************************
AdwCleaner[R0].txt - [18065 octets] - [28/07/2014 15:28:56]
AdwCleaner[S0].txt - [17010 octets] - [28/07/2014 15:31:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17071 octets] ##########
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Neste relatório está constando que você executou o Adwcleaner no dia 28/07. Execute ele novamente seguindo as dicas do tutorial que te passei e poste o novo relatório dele por gentileza.# AdwCleaner v3.301 - Relatório criado 28/07/2014 às 15:31:28
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
Realmente, tentei solucionar o problema sozinho porém sem sucesso... na hora do desespero... devia ter procurado a ajuda de vcs antes de tentar.
# AdwCleaner v3.301 - Relatório criado 30/07/2014 às 10:09:59
# Atualizado 28/07/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Drogaria Meca - DROGARIAMECA-PC
# Executando de : C:\Users\Drogaria Meca\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : netfilter64
***** [ Arquivos / Pastas ] *****
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tarefas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v30.0 (pt-BR)
[ Arquivo : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\prefs.js ]
-\\ Google Chrome v
[ Arquivo : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [18065 octets] - [28/07/2014 15:28:56]
AdwCleaner[R1].txt - [1641 octets] - [29/07/2014 11:43:19]
AdwCleaner[R2].txt - [1527 octets] - [30/07/2014 10:07:55]
AdwCleaner[S0].txt - [17384 octets] - [28/07/2014 15:31:28]
AdwCleaner[S1].txt - [1575 octets] - [29/07/2014 12:00:35]
AdwCleaner[S2].txt - [1439 octets] - [30/07/2014 10:09:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1499 octets] ##########
# AdwCleaner v3.301 - Relatório criado 30/07/2014 às 10:09:59
# Atualizado 28/07/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : Drogaria Meca - DROGARIAMECA-PC
# Executando de : C:\Users\Drogaria Meca\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : netfilter64
***** [ Arquivos / Pastas ] *****
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Arquivo Deletada : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Tarefas ] *****
***** [ Atalhos ] *****
***** [ Registro ] *****
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v30.0 (pt-BR)
[ Arquivo : C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\prefs.js ]
-\\ Google Chrome v
[ Arquivo : C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [18065 octets] - [28/07/2014 15:28:56]
AdwCleaner[R1].txt - [1641 octets] - [29/07/2014 11:43:19]
AdwCleaner[R2].txt - [1527 octets] - [30/07/2014 10:07:55]
AdwCleaner[S0].txt - [17384 octets] - [28/07/2014 15:31:28]
AdwCleaner[S1].txt - [1575 octets] - [29/07/2014 12:00:35]
AdwCleaner[S2].txt - [1439 octets] - [30/07/2014 10:09:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1499 octets] ##########
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Desative temporariamente seu antivírus para evitar conflitos.
* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executá-lo corretamente siga as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.
* Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executá-lo corretamente siga as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a limpeza dos problemas acesse o log (relatório) do Zoek que estará em C:\zoek-results.txt e copie todo seu conteúdo e poste em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
Durante o processo o aviso do CE_Umbrella apareceu e após o reinicio do Pc também.
Zoek.exe v5.0.0.0 Updated 29-07-2014
Tool run by Drogaria Meca on 30/07/2014 at 10:31:55,58.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Drogaria Meca\Downloads\zoek (1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-07-28-185257.log 1300 bytes
C:\zoek-results2014-07-28-201048.log 19462 bytes
C:\zoek-results2014-07-28-213629.log 18083 bytes
==== System Restore Info ======================
30/07/2014 10:33:32 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\DROGAR~1\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\DROGAR~1\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Users\Drogaria Meca\Searches deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default
FB5621842FDABF9F8359775573498FBC - C:\Users\Drogaria Meca\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
F556A64AB2DB1BD834E7C89CE211516B - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/10/2011 11:09]
Google Docs - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{61316F82-3E3B-4CA3-9F06-89EFD3A7CB55} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_pt-BRBR509"
==== Reset Google Chrome ======================
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Drogaria Meca\Desktop\Compra Fácil SERVIMED PE-Cliente.lnk -
C:\Users\Drogaria Meca\Desktop\Epan.lnk - C:\Panpharma\Epan\Epan.exe
C:\Users\Drogaria Meca\Desktop\FRACIONADOS.lnk - D:\FRACIONADOS1.xls
C:\Users\Drogaria Meca\Desktop\Google Chrome.lnk - C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Drogaria Meca\Desktop\Guia da Farmácia.lnk -
C:\Users\Drogaria Meca\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Drogaria Meca\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Drogaria Meca\Desktop\NOTAS FISCAIS LANÇAMENTO.lnk -
C:\Users\Drogaria Meca\Desktop\Pedido Eletrônico Distrimed.lnk -
C:\Users\Drogaria Meca\Desktop\Pedido Eletrônico SantaCruz.LNK -
C:\Users\Drogaria Meca\Desktop\SNGPC Control.lnk - D:\arquivos de programas\SNGPC Control\SNGPC Control.exe
C:\Users\Drogaria Meca\Desktop\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\Drogaria Meca\Desktop\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\Drogaria Meca\Desktop\µTorrent.lnk -
C:\Users\Drogaria Meca\Desktop\CHART\Adiministrador de Base.lnk - C:\CHART\DB\P_AdmBa.exe
C:\Users\Drogaria Meca\Desktop\CHART\Gerente Chart.lnk - C:\CHART\WMF\Wmfmenu0.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Avira.lnk - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CyberLink DVD Suite.lnk - C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\Public\Desktop\DoveMail - DPC Pedido Eletrônico.lnk -
C:\Users\Public\Desktop\Gerente Avançado.lnk -
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Validador Sintegra 2013.lnk - C:\Program Files (x86)\Validador Sintegra 2013\ValidadorSintegra2013.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\CyberLink PowerDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\PowerDVD Help file.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Enu\PowerDVD.CHM
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\Read Me.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Enu\Readme.htm
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\Uninstall PowerDVD.lnk - C:\Windows\system32\RunDll32.exe C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\Application\chrome.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avwin.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira na Internet.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\weblink.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Iniciar Avira Free Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\My Avira\Avira.lnk - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Uninstall Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:49177;https=127.0.0.1:49177;"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000001
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Drogaria Meca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Drogaria Meca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=490 folders=110 18956172 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrador\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Drogaria Meca\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\DROGAR~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Drogaria Meca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on 30/07/2014 at 10:50:44,93 ======================
Zoek.exe v5.0.0.0 Updated 29-07-2014
Tool run by Drogaria Meca on 30/07/2014 at 10:31:55,58.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Drogaria Meca\Downloads\zoek (1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-07-28-185257.log 1300 bytes
C:\zoek-results2014-07-28-201048.log 19462 bytes
C:\zoek-results2014-07-28-213629.log 18083 bytes
==== System Restore Info ======================
30/07/2014 10:33:32 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\DROGAR~1\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\DROGAR~1\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Users\Drogaria Meca\Searches deleted
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Drogaria Meca\AppData\Roaming\Mozilla\Firefox\Profiles\fkufeirs.default
FB5621842FDABF9F8359775573498FBC - C:\Users\Drogaria Meca\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
F556A64AB2DB1BD834E7C89CE211516B - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/10/2011 11:09]
Google Docs - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{61316F82-3E3B-4CA3-9F06-89EFD3A7CB55} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MXGB_pt-BRBR509"
==== Reset Google Chrome ======================
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\Drogaria Meca\Desktop\Compra Fácil SERVIMED PE-Cliente.lnk -
C:\Users\Drogaria Meca\Desktop\Epan.lnk - C:\Panpharma\Epan\Epan.exe
C:\Users\Drogaria Meca\Desktop\FRACIONADOS.lnk - D:\FRACIONADOS1.xls
C:\Users\Drogaria Meca\Desktop\Google Chrome.lnk - C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Drogaria Meca\Desktop\Guia da Farmácia.lnk -
C:\Users\Drogaria Meca\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Drogaria Meca\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Drogaria Meca\Desktop\NOTAS FISCAIS LANÇAMENTO.lnk -
C:\Users\Drogaria Meca\Desktop\Pedido Eletrônico Distrimed.lnk -
C:\Users\Drogaria Meca\Desktop\Pedido Eletrônico SantaCruz.LNK -
C:\Users\Drogaria Meca\Desktop\SNGPC Control.lnk - D:\arquivos de programas\SNGPC Control\SNGPC Control.exe
C:\Users\Drogaria Meca\Desktop\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\Users\Drogaria Meca\Desktop\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
C:\Users\Drogaria Meca\Desktop\µTorrent.lnk -
C:\Users\Drogaria Meca\Desktop\CHART\Adiministrador de Base.lnk - C:\CHART\DB\P_AdmBa.exe
C:\Users\Drogaria Meca\Desktop\CHART\Gerente Chart.lnk - C:\CHART\WMF\Wmfmenu0.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\aTube Catcher.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe
C:\Users\Public\Desktop\Avira.lnk - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\CyberLink DVD Suite.lnk - C:\Program Files (x86)\CyberLink\DVD Suite\PowerStarter.exe
C:\Users\Public\Desktop\DoveMail - DPC Pedido Eletrônico.lnk -
C:\Users\Public\Desktop\Gerente Avançado.lnk -
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe
C:\Users\Public\Desktop\Validador Sintegra 2013.lnk - C:\Program Files (x86)\Validador Sintegra 2013\ValidadorSintegra2013.exe
==== shortcuts in Users Start Menu ======================
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\CyberLink PowerDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\PowerDVD Help file.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Enu\PowerDVD.CHM
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\Read Me.lnk - C:\Program Files (x86)\CyberLink\PowerDVD\Language\Enu\Readme.htm
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite\PowerDVD\Uninstall PowerDVD.lnk - C:\Windows\system32\RunDll32.exe C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\Application\chrome.exe
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avwin.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira na Internet.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\weblink.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Iniciar Avira Free Antivirus.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\My Avira\Avira.lnk - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Uninstall Panda Cloud Cleaner.lnk - C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk - C:\Program Files (x86)\ZHPDiag\ZHPhep.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPFix.lnk - C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Drogaria Meca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:49177;https=127.0.0.1:49177;"
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000001
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrador\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Drogaria Meca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Drogaria Meca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=490 folders=110 18956172 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrador\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Drogaria Meca\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\DROGAR~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Drogaria Meca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on 30/07/2014 at 10:50:44,93 ======================
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para executar corretamente o programa acima é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
O Pc não foi reinicializado. É preciso?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Drogaria Meca on 30/07/2014 at 11:02:05,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4260678768-670655637-3628071090-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bdutil_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bdutil_rasmancs
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Drogaria Meca\AppData\Roaming\mozilla\firefox\profiles\fkufeirs.default\minidumps [60 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/07/2014 at 11:11:39,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Drogaria Meca on 30/07/2014 at 11:02:05,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4260678768-670655637-3628071090-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bdutil_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bdutil_rasmancs
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Drogaria Meca\AppData\Roaming\mozilla\firefox\profiles\fkufeirs.default\minidumps [60 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/07/2014 at 11:11:39,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Não precisa.O Pc não foi reinicializado. É preciso?
_______________________________________________
Qual é a versão do Malwarebytes que você tem no seu computador?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
Versão gratuita 2.0.2.1012
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Faça um update (atualização) nele.
Depois disto siga as dicas abaixo para alterar o idioma dele para o português (caso ainda esteja em outro idioma) e para fazer a limpeza completa:
Alterando o idioma do Malwarebytes para o português:
Caso o idioma do seu Malwarebytes esteja em inglês é bem simples mudá-lo para nossa língua. Para isto abra o Malwarebytes e clique em Settings como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Na próxima tela que surge, clique em Language e selecione a opção Portugueze (Brazil):
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
___________________________________________________________________________
Como executar uma verificação personalizada com o Malwarebytes:
- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:
Verificar Objetos na Memória
Verificar as Configurações da Inicialização e do Registro
Verificar Arquivos Compactados
Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.
Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena).
Para remover as infecções, deixe a opção Quarentena no menu Ação selecionada em todos os itens e clique no botão Aplicar Ações, como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Sim (ou Yes) como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Depois disto é só postar o novo log de verificação que o Malwarebytes irá criar em sua próxima resposta.
Depois disto siga as dicas abaixo para alterar o idioma dele para o português (caso ainda esteja em outro idioma) e para fazer a limpeza completa:
Alterando o idioma do Malwarebytes para o português:
Caso o idioma do seu Malwarebytes esteja em inglês é bem simples mudá-lo para nossa língua. Para isto abra o Malwarebytes e clique em Settings como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Na próxima tela que surge, clique em Language e selecione a opção Portugueze (Brazil):
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
___________________________________________________________________________
Como executar uma verificação personalizada com o Malwarebytes:
- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:
Verificar Objetos na Memória
Verificar as Configurações da Inicialização e do Registro
Verificar Arquivos Compactados
Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.
Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena).
Para remover as infecções, deixe a opção Quarentena no menu Ação selecionada em todos os itens e clique no botão Aplicar Ações, como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Sim (ou Yes) como mostra esta imagem:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Depois disto é só postar o novo log de verificação que o Malwarebytes irá criar em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
Power Max, terei que sair para o almoço... O Malwarebytes ainda está fazendo o scan, já detectou 5 objetos e está rodando por 01:16h.
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Ok, depois quando ele acabar a limpeza você posta o relatório.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
Power Max, o scan ainda continua... é normal esse tempo (02:20h)? O número de objetos verificados continua aumentando... o processo está no Filesystem Objects.
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
é normal ele demorar mesmo, isto varia de acordo com a quantidade de arquivos que a pessoa tenha no PC.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
Ainda em escaneamento... vou deixar o PC ligado, amanhã de manhã mando o relatório. Ok?
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Ou devo proceder de outra forma? Fico no serviço até perto das 19:00.
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Tem uns casos em que ele demora até umas 6 horas, dependendo da quantidade de arquivos. Fico no aguardo do relatório.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remover CE_UmbrellaCert
Ele já está com 06:41. Mais uma vez, muito obrigado pela ajuda.
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Ele já está com 06:41. Mais uma vez, muito obrigado pela ajuda.
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Bom dia Power Max, o Scan terminou, apliquei as recomendações, porém agora o PC ficou sem acesso a Internet e não consigo te enviar o log do Malware.
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Obs. A Internet está funcionando normalmente.
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Consegui resolver, eram as configurações de Proxy, rss... segue o Log:
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 30/07/2014
Hora da Verificação: 11:37:40
Logfile: LOG MALWARE.txt
Administrador: Sim
Versão: 2.00.2.1012
Malware Database: v2014.07.30.04
Rootkit Database: v2014.07.17.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Self-protection: Desabilitado
OS: Windows 7
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Drogaria Meca
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 869056
Tempo Decorrido: 7 hr, 20 min, 25 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processos: 1
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\ContentExplorer.exe, 2896, Delete-on-Reboot, [fcb02283b6c55bdb5a3a37b25ba76b95]
Módulos: 0
(No malicious items detected)
Chaves de Registro: 7
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AllDaySavingsService64, Quarantined, [c5e7d0d5275402342a8ae1cb2bd99070],
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-4260678768-670655637-3628071090-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Delete-on-Reboot, [8b21f2b3eb907abca1a7db84e41e936d],
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-4260678768-670655637-3628071090-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Delete-on-Reboot, [8b21f2b3eb907abca1a7db84e41e936d],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks, Quarantined, [3973198c49321b1b45a5d606d82a39c7],
PUP.Optional.AdPeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\netfilter64, Quarantined, [ddcf53520378d85ecb633e8f9f6359a7],
PUP.Optional.SearchSnacks, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ssnfd, Quarantined, [7b31b9ec97e43ef8be7105c828dab64a],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-4260678768-670655637-3628071090-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Delete-on-Reboot, [317b3d6837446ec8b1024f84f70b6997],
Valores de Registro: 1
PUP.Optional.ContentExplorer.A, HKU\S-1-5-21-4260678768-670655637-3628071090-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ContentExplorer, "C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\ContentExplorer.exe", Delete-on-Reboot, [fcb02283b6c55bdb5a3a37b25ba76b95]
Dados do Registro: 0
(No malicious items detected)
Pastas: 3
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer, Delete-on-Reboot, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings, Quarantined, [3a72b1f4fb80d462b8189432b34f6e92],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\SSL, Quarantined, [3a72b1f4fb80d462b8189432b34f6e92],
Arquivos: 12
PUP.Optional.AdPeak.A, C:\Program Files (x86)\D20A6820-7C28-4015-945F-09F8551FCE45\cnfygfszki64.exe, Quarantined, [c5e7d0d5275402342a8ae1cb2bd99070],
PUP.Optional.AdPeak, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir, Quarantined, [604cfca93d3e112584e0e4bfb051f907],
PUP.Optional.Superfish.A, C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [25874b5af8837cba2d4386599f63fb05],
PUP.Optional.Superfish.A, C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [3379e3c2f784eb4b3b3507d842c019e7],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\ContentExplorer.exe, Delete-on-Reboot, [fcb02283b6c55bdb5a3a37b25ba76b95],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\RootCert.cer, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\loader.dat, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\makecert.exe, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\storage.bin, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\uninstall.exe, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\mfs7E57.tmp, Quarantined, [3a72b1f4fb80d462b8189432b34f6e92],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\mfsA6AF.tmp, Quarantined, [3a72b1f4fb80d462b8189432b34f6e92],
Physical Sectors: 0
(No malicious items detected)
(end)
Imprevisto de última hora,terei que levar minha mãe ao médico, consulta de rotina, assim que chegar aplico suas recomendações. Obrigado!
Malwarebytes Anti-Malware
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Data de Verificação: 30/07/2014
Hora da Verificação: 11:37:40
Logfile: LOG MALWARE.txt
Administrador: Sim
Versão: 2.00.2.1012
Malware Database: v2014.07.30.04
Rootkit Database: v2014.07.17.01
Licença: Grátis
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Self-protection: Desabilitado
OS: Windows 7
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Drogaria Meca
Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 869056
Tempo Decorrido: 7 hr, 20 min, 25 seg
Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processos: 1
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\ContentExplorer.exe, 2896, Delete-on-Reboot, [fcb02283b6c55bdb5a3a37b25ba76b95]
Módulos: 0
(No malicious items detected)
Chaves de Registro: 7
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AllDaySavingsService64, Quarantined, [c5e7d0d5275402342a8ae1cb2bd99070],
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-4260678768-670655637-3628071090-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Delete-on-Reboot, [8b21f2b3eb907abca1a7db84e41e936d],
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-4260678768-670655637-3628071090-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Delete-on-Reboot, [8b21f2b3eb907abca1a7db84e41e936d],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks, Quarantined, [3973198c49321b1b45a5d606d82a39c7],
PUP.Optional.AdPeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\netfilter64, Quarantined, [ddcf53520378d85ecb633e8f9f6359a7],
PUP.Optional.SearchSnacks, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ssnfd, Quarantined, [7b31b9ec97e43ef8be7105c828dab64a],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-4260678768-670655637-3628071090-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Delete-on-Reboot, [317b3d6837446ec8b1024f84f70b6997],
Valores de Registro: 1
PUP.Optional.ContentExplorer.A, HKU\S-1-5-21-4260678768-670655637-3628071090-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ContentExplorer, "C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\ContentExplorer.exe", Delete-on-Reboot, [fcb02283b6c55bdb5a3a37b25ba76b95]
Dados do Registro: 0
(No malicious items detected)
Pastas: 3
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer, Delete-on-Reboot, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings, Quarantined, [3a72b1f4fb80d462b8189432b34f6e92],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\SSL, Quarantined, [3a72b1f4fb80d462b8189432b34f6e92],
Arquivos: 12
PUP.Optional.AdPeak.A, C:\Program Files (x86)\D20A6820-7C28-4015-945F-09F8551FCE45\cnfygfszki64.exe, Quarantined, [c5e7d0d5275402342a8ae1cb2bd99070],
PUP.Optional.AdPeak, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir, Quarantined, [604cfca93d3e112584e0e4bfb051f907],
PUP.Optional.Superfish.A, C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [25874b5af8837cba2d4386599f63fb05],
PUP.Optional.Superfish.A, C:\Users\Drogaria Meca\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [3379e3c2f784eb4b3b3507d842c019e7],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\ContentExplorer.exe, Delete-on-Reboot, [fcb02283b6c55bdb5a3a37b25ba76b95],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\RootCert.cer, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\loader.dat, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\makecert.exe, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\storage.bin, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.ContentExplorer.A, C:\Users\Drogaria Meca\AppData\Roaming\ContentExplorer\uninstall.exe, Quarantined, [ffad1e8797e48fa7bcd9a742af53d12f],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\mfs7E57.tmp, Quarantined, [3a72b1f4fb80d462b8189432b34f6e92],
PUP.Optional.Adpeak.A, C:\Program Files\AllDaySavings\mfsA6AF.tmp, Quarantined, [3a72b1f4fb80d462b8189432b34f6e92],
Physical Sectors: 0
(No malicious items detected)
(end)
Imprevisto de última hora,terei que levar minha mãe ao médico, consulta de rotina, assim que chegar aplico suas recomendações. Obrigado!
BenjamimSouza1- Iniciante
- Mensagens : 20
Reputação : 0
Data de inscrição : 28/07/2014
Re: Remover CE_UmbrellaCert
Quando você voltar faça o seguinte, por gentileza:
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Página 1 de 2 • 1, 2
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos
|
|