Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14412 usuários registrados
O último usuário registrado atende pelo nome de LucasDrBr

Os nossos membros postaram um total de 35075 mensagens em 3551 assuntos
Quem está conectado
2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Julho 2017
SegTerQuaQuiSexSabDom
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Calendário Calendário

Palavras chave


Computador travando constantemente.

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 11:03

bom dia pessoal!! vou deixar o log abaixo pra analize por favor vejam se tem como resolver o problema do meu pc infelizmente acho que vou ter que formatar    pois ele ta muito lento e de uns tempos pra ca da umas travadinhas basicas rsrs usei algumas dicas daqui mesmo mas nao deu resultado enfim segue o log


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:46:59, on 10/05/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Users\Usuário\Music\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7224 bytes
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 11:15

  Olá Janderson.

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

Remova adwares e toolbars maliciosas com o Adwcleaner

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 11:34

nossa me surpreendi acho vários lixos que pensei ter me livrado como o baidu segue o log


# AdwCleaner v3.207 - Relatório criado 10/05/2014 às 11:25:37
# Atualizado 05/05/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (64 bits)
# Usuário : Usuário - PC-CHIPS-A45G-
# Executando de : C:\Users\Usuário\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\SaveNeWaApppz
Pasta Deletada : C:\Users\Public\Documents\baidu
Pasta Deletada : C:\Users\Usuário\AppData\Local\torch
Pasta Deletada : C:\Users\Usuário\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Usuário\AppData\Roaming\SupTab
Pasta Deletada : C:\Users\Usuário\AppData\Roaming\Systweak
Arquivo Deletada : C:\Users\Usuário\AppData\Roaming\LiveSupport.exe_log.txt
Arquivo Deletada : C:\Users\Usuário\AppData\Roaming\regsvr32.exe_log.txt
Arquivo Deletada : C:\Users\Usuário\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default\user.js
Arquivo Deletada : C:\Windows\System32\Tasks\Driver Booster Update

***** [ Atalhos ] *****

Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Atalho Desinfectada : C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\Usuário\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Atalho Desinfectada : C:\Users\Usuário\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Chave Deletedo : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Valor Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\RegisteredApplicationsEx
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Chave Deletedo : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Chave Deletedo : HKLM\Software\AVG Secure Search
Chave Deletedo : HKLM\Software\supTab
Chave Deletedo : HKLM\Software\supWPM
Chave Deletedo : HKLM\Software\systweak

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.17041

Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v28.0 (pt-BR)

[ Arquivo : C:\Users\Usuário\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default\prefs.js ]

Linha deletada : user_pref("browser.search.selectedEngine", "webssearches");
Linha deletada : user_pref("extensions.PZkXqi3fXmF.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/re[...]
Linha deletada : user_pref("extensions.YTzTvv1p.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.in[...]
Linha deletada : user_pref("extensions._kXGC9H.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.ind[...]
Linha deletada : user_pref("extensions.bZMLTSIY.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.match(/ressbar.com[^f]+fid=65017/)||url.indexOf(\"form=u064ht&pc=u064\")>-[...]
Linha deletada : user_pref("extensions.rN56VJGZ.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/ressb[...]
Linha deletada : user_pref("extensions.zNSpq_EO.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.match(/ressbar.com[^f]+fid=65017/)||url.indexOf(\"form=u064ht&pc=u064\")>-[...]

-\\ Google Chrome v33.0.1750.117

[ Arquivo : C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7061 octets] - [10/05/2014 11:24:31]
AdwCleaner[S0].txt - [5578 octets] - [10/05/2014 11:25:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5638 octets] ##########
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 11:40

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Você precisa estar registrado e conectado para ver este link.]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sab 10 Maio 2014, 17:56, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 12:17

o log do Zoek.exe

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Usu rio on 10/05/2014 at 11:47:44,98.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Usuário\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/05/2014 11:51:32 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\USURIO~2\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.com.br/?gfe_rd=cr&ei=RkhaU8uxEeyU8QfTvIHwAg");
user_pref("browser.newtab.url", "https://www.google.com.br/");
user_pref("keyword.URL", "http://br.yhs4.search.yahoo.com/yhs/search");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\USURIO~2\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\USURIO~2\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default

user.js not found
---- Lines extensions.PZkXqi3fXmF removed from prefs.js ----
user_pref("extensions.PZkXqi3fXmF.epoch", "1392818444");
user_pref("extensions.PZkXqi3fXmF.url", "http://webdireect.in/sync2/?q=hfZ9ofV9CShEAen0rjw7rchTB6lKDzt4oktitNtVh7n0rjnErTw6rjw9rjs9tMFHhd9FqdaGrjYFqda
---- Lines extensions.YTzTvv1p removed from prefs.js ----
user_pref("extensions.YTzTvv1p.epoch", "1393756740");
user_pref("extensions.YTzTvv1p.url", "http://foreveryshare.ru/sync2/?q=hfZ9oenHAMYMCyVUojaMg708BNmGWj8ckShGheDUojw9rdsGqda4rHsFqchIC7n0rjnErHaFrjaHpjw
---- Lines extensions._kXGC9H removed from prefs.js ----
user_pref("extensions._kXGC9H.epoch", "1393770301");
user_pref("extensions._kXGC9H.url", "http://foreveryboxzip.ru/sync2/?q=hfZ9oehUhGhEAen0rchTB6lKDzt4oktitNtVh7n0rjnErTs6rjr9rjwHtMFHhd9FqdaHrdwFqds8rjC
---- Lines extensions.bZMLTSIY removed from prefs.js ----
user_pref("extensions.bZMLTSIY.epoch", "1391612801");
user_pref("extensions.bZMLTSIY.url", "http://downloadusaweb.us/sync2/?q=hfZ9ofV9CShEAen0pjn8tMqLDe49CNU0nVsMCMlNhd9FqdaFrTYFpdw8qdUMBzqUojw9rdsEqdw8rd
---- Lines extensions.rN56VJGZ removed from prefs.js ----
user_pref("extensions.rN56VJGZ.epoch", "1392818444");
user_pref("extensions.rN56VJGZ.url", "http://websolutiion.in/sync2/?q=hfZ9ofDSC6gMCyVUojwFqTaMg708BNmGWj8ckShGheDUojw9rdsFqHwFqdwFrGhIC7n0rjnErTw5rjnE
---- Lines extensions.zNSpq_EO removed from prefs.js ----
user_pref("extensions.zNSpq_EO.epoch", "1391612801");
user_pref("extensions.zNSpq_EO.url", "http://firstblue.eu/sync2/?q=hfZ9ofDSC6gMCyVUojU9qihTB6lKDzt4oktitNtVh7n0rjnErjs5rjYFqjr5tMFHhd9FqdaGrdnFqja7rja
---- FireFox user.js and prefs.js backups ----

prefs_052014_1159_.backup
prefs_122013_0949_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Usuário\AppData\Roaming\app" not found
"C:\Users\Usuário\AppData\Roaming\ATI" not found
"C:\Users\Usuário\AppData\Roaming\OTP" not found
"C:\Users\Usuário\AppData\Roaming\Reg" not found
"C:\Users\Usuário\AppData\Roaming\POST" not found
"C:\Users\Usuário\AppData\Roaming\TMNT" not found
"C:\Users\Usuário\AppData\Roaming\DBOBR" not found
"C:\Users\Usuário\AppData\Roaming\Dofus" not found
"C:\Users\Usuário\AppData\Roaming\Epson" not found
"C:\Users\Usuário\AppData\Roaming\HPoke" not found
"C:\Users\Usuário\AppData\Roaming\IObit" not found
"C:\Users\Usuário\AppData\Roaming\JSPKM" not found
"C:\Users\Usuário\AppData\Roaming\Orbit" not found
"C:\Users\Usuário\AppData\Roaming\PokCP" not found
"C:\Users\Usuário\AppData\Roaming\PokeO" not found
"C:\Users\Usuário\AppData\Roaming\PSafe" not found
"C:\Users\Usuário\AppData\Roaming\Tibia" not found
"C:\Users\Usuário\AppData\Roaming\Unity" not found
"C:\Users\Usuário\AppData\Roaming\Arcsoft" not found
"C:\Users\Usuário\AppData\Roaming\PokeBRO" not found
"C:\Users\Usuário\AppData\Roaming\Samsung" not found
"C:\Users\Usuário\AppData\Roaming\SecuROM" not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Users\USURIO~2\AppData\LocalLow\{BCF99A58-B00F-C56D-212A-386DA58F1DCB} deleted
C:\Users\USURIO~2\AppData\LocalLow\{EBE669FE-43CB-B6CB-3AD6-D80DA4A476B4} deleted
C:\Users\USURIO~2\AppData\Local\Packages\windows_ie_ac_001\AC\{72EE3FD1-3365-46AF-1FA4-457B7525B519} deleted
C:\Users\USURIO~2\AppData\Local\Packages\windows_ie_ac_001\AC\{BCF99A58-B00F-C56D-212A-386DA58F1DCB} deleted
C:\Users\USURIO~2\AppData\Local\Packages\windows_ie_ac_001\AC\{D4D69B73-D47A-FF49-8CEB-358AF24C9122} deleted
C:\Users\USURIO~2\AppData\Local\Packages\windows_ie_ac_001\AC\{DAEE3EE3-E25E-AC3F-B7B5-6118FA415E90} deleted
C:\Users\USURIO~2\AppData\Local\Packages\windows_ie_ac_001\AC\{EBE669FE-43CB-B6CB-3AD6-D80DA4A476B4} deleted
C:\PROGRA~3\f29a40f6611deea9 deleted
C:\PROGRA~3\DigioSSavEr deleted
C:\PROGRA~3\YTNoAdS deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\GreatSoft deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
C:\Users\USURIO~2\AppData\Roaming\unins000.exe deleted
C:\Users\USURIO~2\AppData\Roaming\unins001.exe deleted
"C:\Users\USURIO~2\AppData\Local\{1A82171E-06CA-48A4-B5E7-C713AC0DE517}" deleted
"C:\Users\Usuário\AppData\Roaming\D2Info0" deleted
"C:\Users\Usuário\AppData\Roaming\DofusAppId0_1" deleted
"C:\Users\Usuário\AppData\Roaming\DofusAppId0_2" deleted
"C:\PROGRA~3\bbalkelniajapkgghiddjeldabigooep\bbalkelniajapkgghiddjeldabigooep.crx" deleted
"C:\PROGRA~3\bbalkelniajapkgghiddjeldabigooep\update.xml" deleted
"C:\PROGRA~3\bbalkelniajapkgghiddjeldabigooep" deleted

==== Folders Found ======================

2014-05-10 14:25:37 2014-05-10 14:25:37 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-10 14:25:37 2014-05-10 14:25:37 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu
2014-04-25 14:08:54 2014-04-25 14:08:54 -------- d-----w- C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu
2014-05-04 18:39:01 2014-05-04 18:39:01 -------- d-----w- C:\ProgramData\Baidu Security
2014-05-04 18:39:01 2014-05-04 18:39:01 -------- d-----w- C:\Users\All Users\Baidu Security
2014-02-28 23:41:42 2014-04-01 21:51:56 -------- d-----w- C:\Users\Public\Documents\Baidu Security

==== Files Found ======================


--- C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\Baidu-TB-ASBar.exe ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1358792
Created time: 2012-04-10 09:30:26
Modified time: 2012-04-10 09:30:26
MD5: D848EF0636EA49D340F074F939DB817B
SHA1: 56A9D762D288AB173B7BFD42C9902E12B673BDB7


--- C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1556
Created time: 2014-04-09 18:43:30
Modified time: 2013-04-22 14:30:56
MD5: 670B367C3485AB4FA0046B9D1DDFF1B7
SHA1: DD0C159627F22F3BF83A8632A357EE62DE132EEC


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-22 03-25-09-0892-[31795].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-22 03-25-10-0249-[31798].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Pcftray-2014-03-22 03-25-23-0228-[31840].tmp"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"="^http\\:\\/\\/www\\.baidu\\.com\\/.*"

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\PC App Store\DataReport]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"="^http\\:\\/\\/www\\.baidu\\.com\\/.*"

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{87F8774F-B485-47E2-A755-A40A8A5E8873}"="C:\Users\Usu rio\AppData\Local\GAS Tecnologia\GBBD\uni\xpi" [16/04/2014 06:22]

==== Firefox Extensions ======================

ProfilePath: C:\Users\USURIO~2\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default
- Undetermined - C:\Users\Usuário\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default\extensions\ascsurfingprotection@iobit.com
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- NewTabURL - %ProfilePath%\extensions\newtaburl_local.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

Battlefield Heroes - USURIO~2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh
GBBD Guardião - Itaú 30 horas - USURIO~2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg
Google Wallet - USURIO~2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Bastion - USURIO~2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid
websave - USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bkoepgdpoolggcpfnpbbbgdeffcpbkkn
YiTBBoiookMeark - USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ckemhgnmaceihgfgkpkdakepopfomfid
YoutubeAdblocker - USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eaillmepkocipeaeepmehehkomipgpaj
weebsavve - USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eiomdeilfpmnfgelkhcdiennbhgocaif
Xbox LIVE Dashboard - USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oobdmiffgnobnpagcjjmpcajhdaoighg
YoutubeAdblocker - USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnpefenlcgkkbfejdhdgkhmjpahpnni

==== Chrome Fix ======================

C:\Users\USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eaillmepkocipeaeepmehehkomipgpaj deleted successfully
C:\Users\USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnnpefenlcgkkbfejdhdgkhmjpahpnni deleted successfully
C:\Users\USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bkoepgdpoolggcpfnpbbbgdeffcpbkkn deleted successfully
C:\Users\USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ckemhgnmaceihgfgkpkdakepopfomfid deleted successfully
C:\Users\USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\eiomdeilfpmnfgelkhcdiennbhgocaif deleted successfully
C:\Users\USURIO~2\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oobdmiffgnobnpagcjjmpcajhdaoighg deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com.br/"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://find.localstrike.net"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://find.localstrike.net"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com.br/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\USURIO~2\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\USURIO~2\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe

==== shortcuts in Users Start Menu ======================

C:\Users\USURIO~2\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe /help
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\MV AntiSpy 4.0.lnk - C:\Program Files (x86)\Marcos Velasco Security\MV AntiSpy 4.0\ANTISPY.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Super Tela.lnk - C:\Program Files (x86)\Super Tela\Super Tela.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4.lnk - C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Ajuda.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Help -help
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Pro Evolution Soccer 2013.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4\Glary Utilities 4.lnk - C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4\Uninstall.lnk - C:\Program Files (x86)\Glary Utilities 4\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4\Website.lnk - C:\Program Files (x86)\Glary Utilities 4\Glary Utilities 4.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak\Kodak EasyShare\Software Kodak EasyShare.lnk - C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security\MV AntiSpy 4.0.lnk - C:\Program Files (x86)\Marcos Velasco Security\MV AntiSpy 4.0\ANTISPY.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape\Uninstall PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\uninstall.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 4.lnk - C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files (x86)\Nero\Nero8\Nero Home\NeroHome.exe -ScParameter=65
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe -ScParameter=65
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk - C:\Windows\Installer\{08CA9554-B5FE-4313-938F-D4A417B81175}\QTPlayer.ico
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk -
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe [Você precisa estar registrado e conectado para ver este link.]
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\USURIO~2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"=""
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bce146af-64dd-428e-b41c-473ea23fa474 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Baidu Antivirus deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\USURIO~2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\USURIO~2\AppData\Local\Mozilla\Firefox\Profiles\gycv5ie5.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\USURIO~2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=109 folders=39 8478364 bytes)

==== Empty Temp Folders ======================

C:\Users\USURIO~2\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\USURIO~2\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 10/05/2014 at 12:11:58,20 ======================
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 13:27

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sab 10 Maio 2014, 17:56, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 17:42

desculpe pela demora aqui esta

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Usu rio on 10/05/2014 at 17:29:08,91.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-10-151158.log 36344 bytes
C:\zoek-results2014-05-10-202436.log 10362 bytes

==== System Restore Info ======================

10/05/2014 17:31:04 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdCameraProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BprotectEx deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCFApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCFApiUtil deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-22 03-25-09-0892-[31795].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-22 03-25-10-0249-[31798].tmp"=-
"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Pcftray-2014-03-22 03-25-23-0228-[31840].tmp"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"=-
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\PC App Store\DataReport]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\PC App Store\Setup]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu not found
C:\ProgramData\Baidu Security not found
C:\Users\All Users\Baidu Security not found
C:\Users\Public\Documents\Baidu Security not found
"C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js" not found

==== Folders Found ======================

2014-05-10 14:25:37 2014-05-10 14:25:37 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-05-10 14:25:37 2014-05-10 14:25:37 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Public\Documents\baidu

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=117 folders=48 10770400 bytes)

==== EOF on 10/05/2014 at 17:38:08,34 ======================
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 17:47

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Você precisa estar registrado e conectado para ver esta imagem.]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Você precisa estar registrado e conectado para ver esta imagem.]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sab 10 Maio 2014, 17:55, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 17:53


Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Usu rio on 10/05/2014 at 17:50:53,71.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-10-151158.log 36344 bytes
C:\zoek-results2014-05-10-202436.log 10362 bytes
C:\zoek-results2014-05-10-203808.log 12353 bytes

==== System Restore Info ======================

10/05/2014 17:51:25 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

==== Registry Search Results for "Baidu" ======================

No instances of string "Baidu" found.

==== C:\zoek_backup content ======================

C:\zoek_backup (files=117 folders=48 10770400 bytes)

==== EOF on 10/05/2014 at 17:52:28,16 ======================
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 17:55

Baixe o programa Junkware Removal Tool no link abaixo:
[Você precisa estar registrado e conectado para ver este link.]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

Tutorial do Junkware Removal Tool

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 18:10

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Usu rio on 10/05/2014 at 17:59:04,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Usu rio\appdata\local\{5D0AB2E1-8EE2-4200-A342-FEE7F553BECF}



~~~ FireFox

Emptied folder: C:\Users\Usu rio\AppData\Roaming\mozilla\firefox\profiles\gycv5ie5.default\minidumps [79 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/05/2014 at 18:08:24,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 18:16

Faça o download do < ZHPDiag2.exe > < [Você precisa estar registrado e conectado para ver esta imagem.]> ( ... de Nicolas Coolman )

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

Tutorial de instalação e execução do aplicativo ZHPDiag

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 18:28

~ Relatório do ZHPDiag v2014.5.9.58 - Nicolas Coolman (09/05/2014)
~ Iniciado por Usuário (10/05/2014 18:21:49)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Fóruns de suporte gratuito para desinfecção : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 29.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.117

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
AVG 2014 v14.0.3931
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)
Pando Media Booster v2.6.0.8

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3839 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 272 GB (58%) free of 465 GB

---\\ Modo de conexão ao sistema
~ Computer Name: PC-CHIPS-A45G-
~ User Name: Usuário
~ All Users Names: Usuário, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Usuário\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Usuário\AppData\Roaming\
~ %Desktop% : C:\Users\Usuário\Desktop\
~ %Favorites% : C:\Users\Usuário\Favorites\
~ %LocalAppData% : C:\Users\Usuário\AppData\Local\
~ %StartMenu% : C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 272 Go of 465 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 03:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 08:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 3/579
~ Mes musiques (My Musics) : 5/686
~ Mes Videos (My Videos) : 2/1773
~ Mes Favoris (My Favorites) : 1/134
~ Mes Documents (My Documents) : 6/280
~ Mon Bureau (My Desktop) : 2/6
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.5FA7D3322DA8E6A6D92B49130E48A0D7] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432] [PID.1684]
[MD5.05BE9A378036323EC42CCD3F9BB03266] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7872000] [PID.2228]
[MD5.DBAEB3D23C653018629A76E53260E122] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912] [PID.1732]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [PID.2088]
~ Processes Running: Scanned in 00mn 00s



---\\ Opera, Plugins,Arranque,Pesquisa (P1,B0,B1)
B0 - SPO: operaprefs.ini [Usuário] Home URL=http://search.localstrike.com.ar
B1 - OSP: search.ini [Usuário] URL=http://find.localstrike.net?q=%s
~ Opera Browser: 2 Legitimates Filtered in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Usuário - gycv5ie5.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/uni] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Barras do Internet Explorer (03))
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Chave orfã
~ Toolbar: Scanned in 00mn 00s



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Usuário]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8D82BE6-18EF-40E3-96B4-9F97C817EA0B}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{E8D82BE6-18EF-40E3-96B4-9F97C817EA0B}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{E8D82BE6-18EF-40E3-96B4-9F97C817EA0B}: DhcpNameServer = 192.168.254.254
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
~ BEX: 1 Legitimates Filtered in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [4844] (...) -- C:\Users\Usuário\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{012FF5F9-F873-42AA-8406-136BFDBE05E1}] (...) -- C:\Users\Usuário\Downloads\8-12_vista32_dd_ccc_wdm_enu_72275.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{19A6E91D-B9CF-44D0-BE2B-78505AB22857}] (...) -- C:\Users\Usuário\Documents\Pes 2013\Pro Evolution Soccer 2013 Repack\Desinstalar.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1B08C824-085B-4407-AF11-769CBB57927F}] (...) -- C:\Users\Usuário\Downloads\Pokemon Evolution_1\Pokemon Evolution\Pokemon Evolution Install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{29DC5EF5-699C-4B23-9647-4F1A26B49B28}] (...) -- C:\Users\Usuário\Downloads\Winning Eleven 9 By.Rexon\Winning Eleven 9\Winning Eleven 9.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2F89184E-5315-4BD1-96D6-BCFC7A31C2E7}] (...) -- C:\Users\Usuário\Downloads\DBO_CT_TW_Setup_20120531.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{304819C8-8A02-4006-9D4E-91FE9DDEB388}] (...) -- C:\Users\Usuário\Downloads\Winning Eleven 9 By.Rexon\Winning Eleven 9\Winning Eleven 9.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{316461E2-448B-4767-86DF-7935CD448B52}] (...) -- C:\Users\Usuário\Downloads\Winning Eleven 9 By.Rexon\Winning Eleven 9\Winning Eleven 9.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3DAB528F-019E-40E1-BE8B-174D5EB8C58C}] (...) -- C:\Users\Usuário\Downloads\brasfoot2013.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5024C21A-21FA-4D1D-A1E4-E62A191C2BFC}] (...) -- C:\Users\Usuário\Downloads\Pokemon_Screensaver_setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{610D6A38-EAD9-41EA-9472-12C1B51E0CC2}] (...) -- C:\Users\Usuário\Downloads\TMNT-2007-Asdka2.Com.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6240E2DC-7A68-49AF-840D-F68417A5A342}] (...) -- C:\Users\Usuário\Documents\Medal of Honor\CD1-MOHAA_SCOMACAO-DISK1\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{66B9AAF0-B5A0-4C27-8D6D-29FADE56D821}] (...) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7476D74E-ACF3-4F2C-9317-EE1032ADFD1E}] (...) -- C:\Users\Usuário\Documents\Documents\CD1-MOHAA_SCOMACAO-DISK1\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7ED7D1DA-F4D7-4C0B-B871-F79C81E5B6F7}] (...) -- c:\users\Usuário\appdata\local\lollipop\lollipop.bat (.not file.) [0] =>Adware.Lollipop
[MD5.00000000000000000000000000000000] [APT] [{8CBE935F-DA6D-46BE-AD44-90C83F813214}] (...) -- C:\Users\Usuário\Documents\FIFA 08\FIFA_08_www.oyuncehennemi.com\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{93597BDB-6137-4066-87F7-F920325FFCFF}] (...) -- D:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AA692067-6181-4572-8DF7-E7F74FE293FC}] (...) -- C:\Users\Usuário\Documents\Dofus\Dofus2\app\UpLauncher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B673EBE9-167C-4C14-9592-7D899E3A77CE}] (...) -- C:\Users\Usuário\Downloads\Medal of Honor DISK 1\CD1-MOHAA_SCOMACAO-DISK1\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C13CF828-037B-4324-AE47-E5BFE78F0478}] (...) -- C:\Users\Usuário\Downloads\habbo moedas generator.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6994E09-3860-470D-ACC8-2BF283D3DEBA}] (...) -- C:\Users\Usuário\Downloads\cliente zapto.exe (.not file.) [0]
[MD5.319ACB4EBB11CA03E8FD2F8B91F2CA02] [APT] [{D8B1E7D1-F7E0-4835-BE1C-E99195ED1451}] (...) -- C:\Program Files (x86)\Pokemon Psycho\Uninstal.exe [119368]
[MD5.00000000000000000000000000000000] [APT] [{EE0DE280-0EBB-4280-9338-6E1E607CB8BF}] (...) -- C:\Program Files\Eidos Interactive\Hitman 2 Silent Assassin\hitman2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EF6C88B5-DA39-4F30-9BE0-19FA83B35430}] (...) -- C:\Program Files\Eidos Interactive\Hitman 2 Silent Assassin\hitman2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F3863D60-5C54-4E2D-AB81-C503E1A5FF6F}] (...) -- C:\Users\Usuário\Desktop\tradu‡ao..cs 1.6\CS Tradutor - [Você precisa estar registrado e conectado para ver este link.] (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F5A5C073-2CD9-438F-AF08-B7A210AECB25}] (...) -- C:\Users\Usuário\Documents\FIFA 08\FIFA_08_www.oyuncehennemi.com\mk_icon.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\Tasks\060184C3-9766-46a0-B258-F4518A0B2633.job [372]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 [372]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryInitialize 4 [334]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
~ Scheduled Task: 46 Legitimates Filtered in 00mn 05s



---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: Dolphin - (.Dolphin Development Team.) [HKLM][64Bits] -- Dolphin
O42 - Logiciel: ESSPDock - (.Nome de sua empresa:.) [HKLM][64Bits] -- {FCDB1C92-03C6-4C76-8625-371224256091}
O42 - Logiciel: MV AntiSpy 4.0 - (...) [HKLM][64Bits] -- MV AntiSpy 4.0_is1
O42 - Logiciel: Naruto Shippuden Gekitou Ninja Taisen SP NarutoPlanet.ru NarutoPlanet.ru - (...) [HKLM][64Bits] -- Naruto Shippuden Gekitou Ninja Taisen SP NarutoPlanet.ru NarutoPlanet.ru
O42 - Logiciel: Super Tela - (...) [HKLM][64Bits] -- Super Tela
~ Logic: 12 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\CoolROM]
[HKCU\Software\GbAs]
[HKCU\Software\Install]
[HKCU\Software\Pando Networks]
[HKCU\Software\sXe Injected]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\Baidu Security] =>Adware.BDSearch
[HKLM\Software\SpeedBit]
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\WS.Booster] =>PUP.SafeWeb
[HKLM\Software\Wow6432Node\sXe_Injected]
~ Key Software: 327 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/08/2013 - 20:58:03 - [] ----D C:\Program Files (x86)\Asprate
O43 - CFD: 07/05/2014 - 16:07:51 - [] ----D C:\Program Files (x86)\Marcos Velasco Security
O43 - CFD: 15/02/2014 - 19:00:55 - [] ----D C:\Program Files (x86)\NarutoPlanet.ru
O43 - CFD: 25/10/2012 - 06:55:22 - [] ----D C:\Program Files (x86)\Oi
O43 - CFD: 02/02/2013 - 18:10:33 - [] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 04/05/2014 - 15:38:38 - [] ----D C:\Program Files (x86)\Super Tela
O43 - CFD: 25/10/2012 - 06:55:21 - [] ----D C:\ProgramData\Oi
O43 - CFD: 19/02/2013 - 16:23:16 - [] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 20/09/2013 - 08:54:49 - [] ----D C:\Users\Usuário\AppData\Roaming\360Safe =>Trojan.Lozavita
O43 - CFD: 10/04/2014 - 07:19:43 - [] ----D C:\Users\Usuário\AppData\Roaming\Baidu Security =>Adware.BDSearch
O43 - CFD: 10/12/2012 - 15:02:49 - [] ----D C:\Users\Usuário\AppData\Roaming\DBOBR
O43 - CFD: 17/03/2014 - 15:12:14 - [] ----D C:\Users\Usuário\AppData\Roaming\JSPKM
O43 - CFD: 07/03/2014 - 10:59:23 - [] ----D C:\Users\Usuário\AppData\Roaming\MP3Rocket
O43 - CFD: 16/11/2013 - 17:59:00 - [] ----D C:\Users\Usuário\AppData\Roaming\OTP
O43 - CFD: 10/01/2013 - 19:43:37 - [] ----D C:\Users\Usuário\AppData\Roaming\PokCP
O43 - CFD: 26/01/2013 - 17:58:52 - [] ----D C:\Users\Usuário\AppData\Roaming\PokeBRO
O43 - CFD: 22/12/2012 - 12:17:19 - [] ----D C:\Users\Usuário\AppData\Roaming\PokeO
O43 - CFD: 09/06/2013 - 12:24:56 - [] ----D C:\Users\Usuário\AppData\Roaming\POST
O43 - CFD: 06/04/2014 - 18:58:28 - [] ----D C:\Users\Usuário\AppData\Roaming\ProductData
O43 - CFD: 13/09/2013 - 11:41:23 - [] ----D C:\Users\Usuário\AppData\Roaming\Reg
O43 - CFD: 01/10/2013 - 13:13:31 - [] ----D C:\Users\Usuário\AppData\Roaming\Shareaza
O43 - CFD: 17/12/2012 - 15:27:46 - [] ----D C:\Users\Usuário\AppData\Roaming\ZezeniaOnline
O43 - CFD: 18/12/2012 - 14:18:40 - [] ----D C:\Users\Usuário\AppData\Local\Level Up!
O43 - CFD: 02/02/2013 - 18:10:27 - [] ----D C:\Users\Usuário\AppData\Local\Pando_Temp
~ Program Folder: 216 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 01/05/2014 - 16:53:02 ---A- . (...) -- C:\Windows\ôõ1 [20]
O44 - LFC:[MD5.4F49E80C35B9E63A600E27908B804043] - 05/05/2014 - 10:16:45 ---A- . (...) -- C:\Windows\System32\energy-report.html [15809]
O44 - LFC:[MD5.1E2B63A0420E3BEA0640B98493EA8C7A] - 05/05/2014 - 11:07:23 ---A- . (...) -- C:\teste.html [28598]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 08/05/2014 - 17:34:12 ---A- . (...) -- C:\Windows\NeroDigital.ini [69]
O44 - LFC:[MD5.4AE1C8F2FA0EA999E834DF5756400AE1] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfc0404.dat [115690]
O44 - LFC:[MD5.1BCB9294957B560CAD63665D08210E9A] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148256]
O44 - LFC:[MD5.B99FCB445DE5826F965C44EBCE0C247C] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfc0804.dat [120192]
O44 - LFC:[MD5.906066323579B2EC8C0EFC44629254E0] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfc0816.dat [153506]
O44 - LFC:[MD5.59A675E8AEEFC4B9DE501C5378920E7E] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfh0404.dat [392938]
O44 - LFC:[MD5.7B201EC0BC0407F2528906A3641C78B7] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [708476]
O44 - LFC:[MD5.32B670541E288211F56E833699C350F1] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfh0804.dat [375766]
O44 - LFC:[MD5.373E31E25C0B3E72153CB9EA4B51BD58] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfh0816.dat [723614]
O44 - LFC:[MD5.C04F16746FE80F47607C74BDC80ED485] - 10/05/2014 - 12:11:58 ---A- . (...) -- C:\zoek-results2014-05-10-151158.log [36344]
O44 - LFC:[MD5.DCA05A46E5B602B41454C484E37F3CEB] - 10/05/2014 - 17:24:36 ---A- . (...) -- C:\zoek-results2014-05-10-202436.log [10362]
O44 - LFC:[MD5.CC9B74C8B2D16B1DBD3498102D7DEDE6] - 10/05/2014 - 17:38:08 ---A- . (...) -- C:\zoek-results2014-05-10-203808.log [12353]
O44 - LFC:[MD5.D8860878A2DDF11E5A7118C913A7E377] - 10/05/2014 - 17:52:28 ---A- . (...) -- C:\zoek-results.log [2312]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/04/2014 - 11:22:49 ---A- . (...) -- C:\asc_rdflag [0]
~ Files: 66 Legitimates Filtered in 00mn 04s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{b10e30b5-7a7a-11e2-8bde-1078d24905e9}\AutoRun\command. (...) -- E:\Autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\OiVelox [Key] . (...) -- C:\Program Files (x86)\Oi\Programmer\OiVeloxCheck.exe
O53 - SMSR:HKLM\...\startupreg\Pando Media Booster [Key] . (.No owner - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
~ SMSR Keys: 13 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/09/2013 - 18:50:58 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:28/10/2013 - 09:44:34 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\aswTap.sys [44640]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:28/02/2014 - 20:43:08 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [381440]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:30/04/2013 - 05:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40616]
~ Drivers: 71 Legitimates Filtered in 00mn 07s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 28/02/2014 - C:\Windows\system32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
~ Legacy: 106 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.94B74ED65DA127229C9CCDA74A1E15CE] [SPRF][22/02/2014] (...) -- C:\Users\Usuário\AppData\Roaming\unins000.dat [17147]
[MD5.51D5AC7670A6789D2ABA254F319BCD1B] [SPRF][04/03/2014] (...) -- C:\Users\Usuário\AppData\Roaming\unins001.dat [16748]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{01BD1C47-3F6D-4D5B-B8E9-9F3075B39139}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{82C8C786-2221-40A0-B13D-2683087BF539}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{5CB19964-7CEF-43A4-941B-DC425F339B12}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{1ECE5139-8D01-42C3-B13A-747E7D0A4059}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 01s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>Hijacker.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>Hijacker.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biclient_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biclient_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bittorrent-772-build-28499-superdownloads-32-bits_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bittorrent-772-build-28499-superdownloads-32-bits_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent-8_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent-8_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bi_client_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bi_client_RASMANCS =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32 =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCS =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyDeltaTB_RASAPI32 =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyDeltaTB_RASMANCS =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASAPI32 =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASMANCS =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\portaldosites_2203-cf3fd19d_RASAPI32 =>Hijacker.PortaldoSites
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\portaldosites_2203-cf3fd19d_RASMANCS =>Hijacker.PortaldoSites
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent (1)_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent (1)_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-11DC_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-11DC_RASMANCS =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS =>Adware.Yontoo
~ BTK: 727 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Disabled 11/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SS - | Disabled 26/03/2014 238080 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Auto 18/04/2014 3645456 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SS - | Disabled 17/12/2007 163840 | (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.exe
SS - | Disabled 11/01/2007 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
SS - | Disabled 09/07/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 09/07/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 26/02/2014 2224976 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SS - | Disabled 05/04/2014 2153792 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Disabled 26/02/2014 377616 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SS - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Disabled 08/06/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
SS - | Disabled 24/06/2008 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Disabled 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\SysWOW64\IoctlSvc.exe
SS - | Disabled 25/02/2014 105448 | (RzKLService) . (.Razer Inc..) - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
SS - | Disabled 26/03/2014 27768 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 06/12/2013 344064 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 27/03/2014 291912 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 07s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:28/02/2014 - 20:43:08 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [381440]
~ Emulateurs: Scanned in 00mn 07s



---\\ Scâner Aditional (088)
Database Version : 13045 - (09/05/2014)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 2

[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
C:\Users\Usuário\AppData\Roaming\360Safe =>Trojan.Lozavita^
C:\Users\Usuário\AppData\Roaming\Baidu Security =>Adware.BDSearch^
[HKLM\Software\Baidu Security] =>Adware.BDSearch^
[HKLM\Software\Wow6432Node\WS.Booster] =>PUP.SafeWeb^
~ Additionnel Scan: 406925 Items scanned in 00mn 19s



---\\ Sumário das deteções encontradas na sua estação
[Você precisa estar registrado e conectado para ver este link.] =>Adware.Lollipop
[Você precisa estar registrado e conectado para ver este link.] =>Adware.BDSearch
[Você precisa estar registrado e conectado para ver este link.] =>Trojan.Lozavita
[Você precisa estar registrado e conectado para ver este link.] =>Hijacker.BabSolution
[Você precisa estar registrado e conectado para ver este link.] =>Adware.MegaSearch
[Você precisa estar registrado e conectado para ver este link.] =>Adware.OpenCandy
[Você precisa estar registrado e conectado para ver este link.] =>Toolbar.DeltaSearch
[Você precisa estar registrado e conectado para ver este link.] =>PUP.OptimizerPro
[Você precisa estar registrado e conectado para ver este link.] =>Hijacker.PortaldoSites
[Você precisa estar registrado e conectado para ver este link.] =>Adware.Yontoo
[Você precisa estar registrado e conectado para ver este link.] =>PUP.eSafeSecurity
~ MSI: 11 link(s) detected in 00mn 00s



~ 981 Legitimates filtered by white list
End of the scan (531 lines in 01mn 19s)(0)
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 18:52

 Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

 Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta.


Última edição por Power Max em Ter 13 Maio 2014, 16:31, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 19:04

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Usuário at 10/05/2014 19:01:54
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 07s)
Reparação de atalhos do navegador

========== Chaves do Registo ==========
ELIMINÉ:* HKLM\Software\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\WS.Booster
ELIMINÉ CLSID MPSK: {b10e30b5-7a7a-11e2-8bde-1078d24905e9}
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
ELIMINÉ:* HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biclient_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biclient_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bi_client_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bi_client_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_somoto_14693_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyDeltaTB_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyDeltaTB_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Optimizer_Pro_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\portaldosites_2203-cf3fd19d_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\portaldosites_2203-cf3fd19d_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-11DC_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-11DC_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS
ELIMINÉ: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Preferências do navegador ==========
ELIMINÉ: Opera Start Page: [Você precisa estar registrado e conectado para ver este link.]
ELIMINÉ: Opera Search Page: [Você precisa estar registrado e conectado para ver este link.]

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\tasks\060184c3-9766-46a0-b258-f4518a0b2633.job
ELIMINA REINICIAR: c:\windows\system32\tasks\060184c3-9766-46a0-b258-f4518a0b2633
ELIMINÉ Temporários windows (125) (2.679.123 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Tarefa planificada ==========
ELIMINÉ: 4844
ELIMINÉ: {012FF5F9-F873-42AA-8406-136BFDBE05E1}
ELIMINÉ: {19A6E91D-B9CF-44D0-BE2B-78505AB22857}
ELIMINÉ: {1B08C824-085B-4407-AF11-769CBB57927F}
ELIMINÉ: {29DC5EF5-699C-4B23-9647-4F1A26B49B28}
ELIMINÉ: {2F89184E-5315-4BD1-96D6-BCFC7A31C2E7}
ELIMINÉ: {304819C8-8A02-4006-9D4E-91FE9DDEB388}
ELIMINÉ: {316461E2-448B-4767-86DF-7935CD448B52}
ELIMINÉ: {3DAB528F-019E-40E1-BE8B-174D5EB8C58C}
ELIMINÉ: {5024C21A-21FA-4D1D-A1E4-E62A191C2BFC}
ELIMINÉ: {610D6A38-EAD9-41EA-9472-12C1B51E0CC2}
ELIMINÉ: {6240E2DC-7A68-49AF-840D-F68417A5A342}
ELIMINÉ: {66B9AAF0-B5A0-4C27-8D6D-29FADE56D821}
ELIMINÉ: {7476D74E-ACF3-4F2C-9317-EE1032ADFD1E}
ELIMINÉ: {7ED7D1DA-F4D7-4C0B-B871-F79C81E5B6F7}
ELIMINÉ: {8CBE935F-DA6D-46BE-AD44-90C83F813214}
ELIMINÉ: {93597BDB-6137-4066-87F7-F920325FFCFF}
ELIMINÉ: {AA692067-6181-4572-8DF7-E7F74FE293FC}
ELIMINÉ: {B673EBE9-167C-4C14-9592-7D899E3A77CE}
ELIMINÉ: {C13CF828-037B-4324-AE47-E5BFE78F0478}
ELIMINÉ: {D6994E09-3860-470D-ACC8-2BF283D3DEBA}
ELIMINÉ: {D8B1E7D1-F7E0-4835-BE1C-E99195ED1451}
ELIMINÉ: {EE0DE280-0EBB-4280-9338-6E1E607CB8BF}
ELIMINÉ: {EF6C88B5-DA39-4F30-9BE0-19FA83B35430}
ELIMINÉ: {F3863D60-5C54-4E2D-AB81-C503E1A5FF6F}
ELIMINÉ: {F5A5C073-2CD9-438F-AF08-B7A210AECB25}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
27 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
4 : Ficheiros
2 : Preferências do navegador
26 : Tarefa planificada
1 : Restauração Sistema


End of clean in 00mn 45s

========== Caminho do ficheiro do relatório ==========
C:\Users\Usuário\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/05/2014 19:02:01 [4804]
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 19:10

Abra novamente o ( ZHPDiag )

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Você precisa estar registrado e conectado para ver esta imagem.]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Você precisa estar registrado e conectado para ver esta imagem.]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 19:18

~ Relatório do ZHPDiag v2014.5.9.58 - Nicolas Coolman (09/05/2014)
~ Iniciado por Usuário (10/05/2014 19:13:58)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Fóruns de suporte gratuito para desinfecção : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Deactivate by user


---\\ Navegadores Internet
MSIE: Internet Explorer v11.0.9600.17105
MFIE: Mozilla Firefox 29.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.117

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
AVG 2014 v14.0.3931
Malwarebytes Anti-Malware versão 2.0.1.1004
Windows Defender W7

---\\ Softwares d'optimização do sistema
CCleaner v4.13

---\\ Softwares de partilha do PeerToPeer (P2P)
Pando Media Booster v2.6.0.8

---\\ Monitoramento dos softwares
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 55

---\\ Informações sobre o sistema
~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3839 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 272 GB (58%) free of 465 GB

---\\ Modo de conexão ao sistema
~ Computer Name: PC-CHIPS-A45G-
~ User Name: Usuário
~ All Users Names: Usuário, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Usuário\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Usuário\AppData\Roaming\
~ %Desktop% : C:\Users\Usuário\Desktop\
~ %Favorites% : C:\Users\Usuário\Favorites\
~ %LocalAppData% : C:\Users\Usuário\AppData\Local\
~ %StartMenu% : C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 272 Go of 465 Go)
D: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 03:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F220BA78AB542C70211D73AE4729B2CD] - (.Microsoft Corporation - Internet Extensions para Win32.) (.06/03/2014 - 03:22:40.) -- C:\Windows\System32\wininet.dll [2260480]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 10:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 10:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.27/09/2013 - 22:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 06:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 06:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 07:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 06:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.23/01/2014 - 23:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 07:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 08:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 06:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 10:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 3/579
~ Mes musiques (My Musics) : 5/687
~ Mes Videos (My Videos) : 2/1773
~ Mes Favoris (My Favorites) : 1/134
~ Mes Documents (My Documents) : 6/280
~ Mon Bureau (My Desktop) : 2/5
~ Menu demarrer (Programs) : 1/29
~ Hidden Files: Scanned in 00mn 00s



---\\ Processos lançados
[MD5.5FA7D3322DA8E6A6D92B49130E48A0D7] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432] [PID.1684]
[MD5.05BE9A378036323EC42CCD3F9BB03266] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7872000] [PID.444]
[MD5.DBAEB3D23C653018629A76E53260E122] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912] [PID.1732]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [PID.2088]
~ Processes Running: Scanned in 00mn 00s



---\\ Opera, Plugins,Arranque,Pesquisa (P1,B0,B1)
B0 - SPO: operaprefs.ini [Usuário] Home URL=http://www.google.com/
B1 - OSP: search.ini [Usuário] URL=http://www.google.com/
~ Opera Browser: 2 Legitimates Filtered in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Usuário\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Usuário - gycv5ie5.default\ascsurfingprotection@iobit.com] [] Advanced SystemCare Surfing Protection v1.0 (..)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/cef] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/uni] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Usuário\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Outras conexões do utilizador (04)
O4 - GS\QuickLaunch [Usuário]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 00s



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E8D82BE6-18EF-40E3-96B4-9F97C817EA0B}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{E8D82BE6-18EF-40E3-96B4-9F97C817EA0B}: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{E8D82BE6-18EF-40E3-96B4-9F97C817EA0B}: DhcpNameServer = 192.168.254.254
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Listagem dos dados do BootExecute (Bex) (034)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
~ BEX: 1 Legitimates Filtered in 00mn 00s



---\\ Tarefas planificadas automaticamente (039)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [902]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryInitialize 4 [334]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
~ Scheduled Task: 19 Legitimates Filtered in 00mn 02s



---\\ Software instalados (042)
O42 - Logiciel: Cross Fire AL - (.Z8Games.com.) [HKLM][64Bits] -- Cross Fire AL_is1
O42 - Logiciel: Dolphin - (.Dolphin Development Team.) [HKLM][64Bits] -- Dolphin
O42 - Logiciel: ESSPDock - (.Nome de sua empresa:.) [HKLM][64Bits] -- {FCDB1C92-03C6-4C76-8625-371224256091}
O42 - Logiciel: MV AntiSpy 4.0 - (...) [HKLM][64Bits] -- MV AntiSpy 4.0_is1
O42 - Logiciel: Naruto Shippuden Gekitou Ninja Taisen SP NarutoPlanet.ru NarutoPlanet.ru - (...) [HKLM][64Bits] -- Naruto Shippuden Gekitou Ninja Taisen SP NarutoPlanet.ru NarutoPlanet.ru
O42 - Logiciel: Super Tela - (...) [HKLM][64Bits] -- Super Tela
~ Logic: 12 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\CoolROM]
[HKCU\Software\GbAs]
[HKCU\Software\Install]
[HKCU\Software\Pando Networks]
[HKCU\Software\sXe Injected]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\SpeedBit]
[HKLM\Software\Wow6432Node\AutoHelpDesk]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\sXe_Injected]
~ Key Software: 324 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/08/2013 - 20:58:03 - [] ----D C:\Program Files (x86)\Asprate
O43 - CFD: 07/05/2014 - 16:07:51 - [] ----D C:\Program Files (x86)\Marcos Velasco Security
O43 - CFD: 15/02/2014 - 19:00:55 - [] ----D C:\Program Files (x86)\NarutoPlanet.ru
O43 - CFD: 25/10/2012 - 06:55:22 - [] ----D C:\Program Files (x86)\Oi
O43 - CFD: 02/02/2013 - 18:10:33 - [] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 04/05/2014 - 15:38:38 - [] ----D C:\Program Files (x86)\Super Tela
O43 - CFD: 25/10/2012 - 06:55:21 - [] ----D C:\ProgramData\Oi
O43 - CFD: 10/12/2012 - 15:02:49 - [] ----D C:\Users\Usuário\AppData\Roaming\DBOBR
O43 - CFD: 17/03/2014 - 15:12:14 - [] ----D C:\Users\Usuário\AppData\Roaming\JSPKM
O43 - CFD: 07/03/2014 - 10:59:23 - [] ----D C:\Users\Usuário\AppData\Roaming\MP3Rocket
O43 - CFD: 16/11/2013 - 17:59:00 - [] ----D C:\Users\Usuário\AppData\Roaming\OTP
O43 - CFD: 10/01/2013 - 19:43:37 - [] ----D C:\Users\Usuário\AppData\Roaming\PokCP
O43 - CFD: 26/01/2013 - 17:58:52 - [] ----D C:\Users\Usuário\AppData\Roaming\PokeBRO
O43 - CFD: 22/12/2012 - 12:17:19 - [] ----D C:\Users\Usuário\AppData\Roaming\PokeO
O43 - CFD: 09/06/2013 - 12:24:56 - [] ----D C:\Users\Usuário\AppData\Roaming\POST
O43 - CFD: 06/04/2014 - 18:58:28 - [] ----D C:\Users\Usuário\AppData\Roaming\ProductData
O43 - CFD: 13/09/2013 - 11:41:23 - [] ----D C:\Users\Usuário\AppData\Roaming\Reg
O43 - CFD: 01/10/2013 - 13:13:31 - [] ----D C:\Users\Usuário\AppData\Roaming\Shareaza
O43 - CFD: 17/12/2012 - 15:27:46 - [] ----D C:\Users\Usuário\AppData\Roaming\ZezeniaOnline
O43 - CFD: 18/12/2012 - 14:18:40 - [] ----D C:\Users\Usuário\AppData\Local\Level Up!
O43 - CFD: 02/02/2013 - 18:10:27 - [] ----D C:\Users\Usuário\AppData\Local\Pando_Temp
~ Program Folder: 213 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 01/05/2014 - 16:53:02 ---A- . (...) -- C:\Windows\ôõ1 [20]
O44 - LFC:[MD5.4F49E80C35B9E63A600E27908B804043] - 05/05/2014 - 10:16:45 ---A- . (...) -- C:\Windows\System32\energy-report.html [15809]
O44 - LFC:[MD5.1E2B63A0420E3BEA0640B98493EA8C7A] - 05/05/2014 - 11:07:23 ---A- . (...) -- C:\teste.html [28598]
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 08/05/2014 - 17:34:12 ---A- . (...) -- C:\Windows\NeroDigital.ini [69]
O44 - LFC:[MD5.4AE1C8F2FA0EA999E834DF5756400AE1] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfc0404.dat [115690]
O44 - LFC:[MD5.1BCB9294957B560CAD63665D08210E9A] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [148256]
O44 - LFC:[MD5.B99FCB445DE5826F965C44EBCE0C247C] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfc0804.dat [120192]
O44 - LFC:[MD5.906066323579B2EC8C0EFC44629254E0] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfc0816.dat [153506]
O44 - LFC:[MD5.59A675E8AEEFC4B9DE501C5378920E7E] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfh0404.dat [392938]
O44 - LFC:[MD5.7B201EC0BC0407F2528906A3641C78B7] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [708476]
O44 - LFC:[MD5.32B670541E288211F56E833699C350F1] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfh0804.dat [375766]
O44 - LFC:[MD5.373E31E25C0B3E72153CB9EA4B51BD58] - 09/05/2014 - 15:35:33 ---A- . (...) -- C:\Windows\System32\prfh0816.dat [723614]
O44 - LFC:[MD5.C04F16746FE80F47607C74BDC80ED485] - 10/05/2014 - 12:11:58 ---A- . (...) -- C:\zoek-results2014-05-10-151158.log [36344]
O44 - LFC:[MD5.DCA05A46E5B602B41454C484E37F3CEB] - 10/05/2014 - 17:24:36 ---A- . (...) -- C:\zoek-results2014-05-10-202436.log [10362]
O44 - LFC:[MD5.CC9B74C8B2D16B1DBD3498102D7DEDE6] - 10/05/2014 - 17:38:08 ---A- . (...) -- C:\zoek-results2014-05-10-203808.log [12353]
O44 - LFC:[MD5.D8860878A2DDF11E5A7118C913A7E377] - 10/05/2014 - 17:52:28 ---A- . (...) -- C:\zoek-results.log [2312]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/04/2014 - 11:22:49 ---A- . (...) -- C:\asc_rdflag [0]
~ Files: 66 Legitimates Filtered in 00mn 02s



---\\ Enumeração das chaves do registo StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\OiVelox [Key] . (...) -- C:\Program Files (x86)\Oi\Programmer\OiVeloxCheck.exe
O53 - SMSR:HKLM\...\startupreg\Pando Media Booster [Key] . (.No owner - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
~ SMSR Keys: 13 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:13/09/2013 - 18:50:58 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [288688]
O58 - SDL:28/10/2013 - 09:44:34 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\aswTap.sys [44640]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:28/02/2014 - 20:43:08 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [381440]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:30/04/2013 - 05:51:09 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40616]
~ Drivers: 71 Legitimates Filtered in 00mn 00s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 28/02/2014 - C:\Windows\system32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD
~ Legacy: 106 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Você precisa estar registrado e conectado para ver este link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Você precisa estar registrado e conectado para ver este link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.94B74ED65DA127229C9CCDA74A1E15CE] [SPRF][22/02/2014] (...) -- C:\Users\Usuário\AppData\Roaming\unins000.dat [17147]
[MD5.51D5AC7670A6789D2ABA254F319BCD1B] [SPRF][04/03/2014] (...) -- C:\Users\Usuário\AppData\Roaming\unins001.dat [16748]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "{01BD1C47-3F6D-4D5B-B8E9-9F3075B39139}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{82C8C786-2221-40A0-B13D-2683087BF539}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{5CB19964-7CEF-43A4-941B-DC425F339B12}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{1ECE5139-8D01-42C3-B13A-747E7D0A4059}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Usuário\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 4 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bittorrent-772-build-28499-superdownloads-32-bits_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bittorrent-772-build-28499-superdownloads-32-bits_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent-8_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent-8_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BitTorrent_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent (1)_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent (1)_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent-323-build-28705-baixaki-32-bits_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
~ BTK: 705 Legitimates Filtered in 00mn 00s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Disabled 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Disabled 11/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 14/01/2014 881952 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SS - | Disabled 26/03/2014 238080 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Auto 18/04/2014 3645456 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SS - | Disabled 17/12/2007 163840 | (EPSON_EB_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.exe
SS - | Disabled 11/01/2007 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
SS - | Disabled 09/07/2012 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 09/07/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Disabled 26/02/2014 2224976 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SS - | Disabled 05/04/2014 2153792 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Disabled 26/02/2014 377616 | (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
SS - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Disabled 08/06/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
SS - | Disabled 24/06/2008 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
SS - | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Disabled 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\SysWOW64\IoctlSvc.exe
SS - | Disabled 25/02/2014 105448 | (RzKLService) . (.Razer Inc..) - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
SS - | Disabled 26/03/2014 27768 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SS - | Demand 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 06/12/2013 344064 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 27/03/2014 291912 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 06s



---\\ Lista dos emuladores de CD/DVD (MBR Hook)
O58 - SDL:28/02/2014 - 20:43:08 ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [381440]
~ Emulateurs: Scanned in 00mn 06s



---\\ Scâner Aditional (088)
Database Version : 13045 - (09/05/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 406527 Items scanned in 00mn 19s



---\\ Sumário das deteções encontradas na sua estação
~ MSI: 0 link(s) detected in 00mn 00s



~ 948 Legitimates filtered by white list
End of the scan (446 lines in 00mn 50s)(0)
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 19:23

Como está o PC após estes procedimentos?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Sab 10 Maio 2014, 19:46

olha eu reiniciei ele e iniciou um pouco mais rapido parece que deu sim uma pequena melhorada. vcs tem algum topico pra fazer um upgrad no hardwer pra saber qual processador é compativel com minha placa essas coisas pois meu pc nao é muito bom talvez ajude se eu aumentar tambem a memoria se tiver um lugar pra fazer essas perguntas  :rindo_ate_agor 
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Sab 10 Maio 2014, 20:40

Depois que este problema começou a acontecer você fez uma verificação completa com o Malwarebytes? Caso tenha feito, poste o log dele aqui em seu tópico.

Caso não tenha feito, siga as dicas abaixo para fazer a limpeza completa:

Alterando o idioma do Malwarebytes para o português:

Caso o idioma do seu Malwarebytes esteja em inglês é bem simples mudá-lo para nossa língua. Para isto abra o Malwarebytes e clique em Settings como mostra esta imagem:

[Você precisa estar registrado e conectado para ver esta imagem.]

Na próxima tela que surge, clique em Language e selecione a opção Portugueze (Brazil):

[Você precisa estar registrado e conectado para ver esta imagem.]
___________________________________________________________________________

Como executar uma verificação personalizada com o Malwarebytes:

- Abra o Malwarebytes > Clique em Verificar > clique em Verificação Personalizada > Clique em Verificar Agora:

[Você precisa estar registrado e conectado para ver esta imagem.]

Surgirá mais esta tela abaixo na qual você marcará todas as caixinhas do lado direito da tela para que todas as áreas de seu PC e mídias removíveis ligadas a ele possam ser escaneadas. E do lado esquerdo da tela deixe marcadas estas opções:

Verificar Objetos na Memória
Verificar as Configurações da Inicialização e do Registro
Verificar Arquivos Compactados


Quanto ao restante, deixe da forma já pré-configurada pelo Malwarebytes.

Depois disto clique no botão Iniciar Verificação como mostra a imagem abaixo:

[Você precisa estar registrado e conectado para ver esta imagem.]

Aguarde enquanto o escaneamento é realizado. Ele demora de acordo com a quantidade de arquivos que você possua em seu computador:

[Você precisa estar registrado e conectado para ver esta imagem.]

Assim que a verificação terminar, caso seja detectada alguma ameaça em seu PC surgirá uma mensagem como esta abaixo próximo ao relógio do Windows onde você clicará nela:

[Você precisa estar registrado e conectado para ver esta imagem.]

Neste momento aparecerá quais os malwares e itens potencialmente indesejáveis que foram detectados e os locais onde eles se encontram. Você notará que ele já mostra uma ação padrão para os itens (que normalmente é a de mover para a quarentena).

Para remover as infecções, deixe a opção Quarentena no menu Ação selecionada em todos os itens e clique no botão Aplicar Ações, como mostra esta imagem:

[Você precisa estar registrado e conectado para ver esta imagem.]

Alguns malwares são rebeldes e podem necessitar de uma reinicialização do PC para que sejam removidos. Caso isto seja solicitado pelo Malwarebytes, clique em Sim (ou Yes) como mostra esta imagem:

[Você precisa estar registrado e conectado para ver esta imagem.]

Depois disto é só postar o novo log de verificação que o Malwarebytes irá criar em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Ter 13 Maio 2014, 16:24

Demoro pacas  Sleep finalmente o log

Malwarebytes Anti-Malware
[Você precisa estar registrado e conectado para ver este link.]

Data de Verificação: 13/05/2014
Hora da Verificação: 16:17:17
Logfile: log MAM.txt
Administrador: Sim

Versão: 2.00.1.1004
Malware Database: v2014.05.13.06
Rootkit Database: v2014.03.27.01
Licença: Trial
Proteção de Malware: Desabilitado
Proteção de Site Malicioso: Desabilitado
Chameleon: Desabilitado

OS: Windows 7 Service Pack 1
CPU: x64
Sistema de Arquivo: NTFS
Usuário: Usuário

Tipo da Verificação: Verificação Personalizada
Resultado: Completado
Arquivos Verificados: 862630
Tempo Decorrido: 8 hr, 14 min, 8 seg

Memória: Enabled
Inicialização: Enabled
Filesystem: Enabled
Arquivos: Enabled
Rootkits: Desabilitado
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processos: 0
(No malicious items detected)

Módulos: 0
(No malicious items detected)

Chaves de Registro: 0
(No malicious items detected)

Valores de Registro: 0
(No malicious items detected)

Dados do Registro: 0
(No malicious items detected)

Pastas: 0
(No malicious items detected)

Arquivos: 0
(No malicious items detected)


Physical Sectors: 0
(No malicious items detected)


(end)
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Ter 13 Maio 2014, 16:30

Como está o computador?

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Ter 13 Maio 2014, 18:51

acho que melhorou um pouquinho
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Power Max em Ter 13 Maio 2014, 19:26

Desative temporariamente seu antivirus para evitar conflitos.

Baixe: < Shortcut_Module > ( de g3n-h@ckm@n )
|- Ao acessar o link acima, role a página e clique em Télécharger para fazer o download: [Você precisa estar registrado e conectado para ver esta imagem.]

 Execute-o da forma indicada nesta postagem:

Desinfecte atalhos infectados e exclua adwares com a ferramenta Shortcut_Module

Assim que a limpeza for concluída, poste o log (relatório) que estará em C:\Shortcut_Module_07_05_2014_17_05_22.txt (estes números em vermelho irão variar pois eles mostram a data e hora em que o escaneamento foi realizado).

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

Fórum PC Brasil = O melhor da internet você encontra aqui.

Super Links = Mensagens de fé e esperança para o seu coração
avatar
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por janderson em Ter 13 Maio 2014, 20:17

¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 11.05.2014.1

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 19:33:56 - 13/05/2014

Atualizado : 11/05/2014 | 12.25 Por g3n-h@ckm@n

Contact : [Você precisa estar registrado e conectado para ver este link.]

Feedbacks : [Você precisa estar registrado e conectado para ver este link.]
Boot : Normal  

Sistema : Windows 7 Ultimate (64 bits) Ultimate Service Pack 1

Memória RAM = Total (MB) : 3931 | Livre (MB) : 2235
Pagefile = Total (MB) : 7861 | Livre (MB) : 5872
Virtual = Total (MB) : 4194 | Livre (MB) : 4020


¤¤¤¤¤¤¤¤¤¤ | Windows atualizado

Nenhuma atualização descoberta !!!

¤¤¤¤¤¤¤¤¤¤ | Navegadores

IE : 11.0.9600.17041     (© Microsoft Corporation. Todos os direitos reservados.)
FF : 29.0.1.5239     (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 33.0.1750.117     (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security

AM : Malwarebytes' Anti-Malware   (1.0.0.500)     [2013.12.22.03]
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = Começado
AS: Windows Defender [Manual(3)] = Ordem
FW: Windows FireWall Service [Auto(2)] = Começado

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

FlashPlayer ActiveX : 12.0.0.77
FlashPlayer Plugin : 13.0.0.182

¤¤¤¤¤¤¤¤¤¤ | Processos mortos

1408 | [Owner : SISTEMA |Parent : 728] - (.Microsoft Corporation - Aplicativo de subsistema de spooler.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1532 | [Owner : SISTEMA |Parent : 728] - (.Advanced Micro Devices, Inc. - AMD Fuel Service.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
1696 | [Owner : SISTEMA |Parent : 728] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - (14.0.0.4563) = C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
1740 | [Owner : Usuário |Parent : 1668] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
1916 | [Owner : Usuário |Parent : 728] - (.Microsoft Corporation - Processo de Host para Tarefas do Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
2328 | [Owner : SISTEMA |Parent : 728] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2476 | [Owner : SISTEMA |Parent : 2328] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2884 | [Owner : SISTEMA |Parent : 728] - (.Microsoft Corporation - Indexador do Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
2140 | [Owner : SISTEMA |Parent : 856] - (.Microsoft Corporation - Mecanismo do Agendador de Tarefas.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
2544 | [Owner : SISTEMA |Parent : 2140] - (.Google Inc. - Google Installer.) - (1.2.183.21) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2988 | [Owner : SERVIÇO DE REDE |Parent : 728] - (.Microsoft Corporation - Serviço de Compartilhamento de Rede do Windows Media Player.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
3680 | [Owner : Usuário |Parent : 2368] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) - (14.0.0.4567) = C:\Program Files (x86)\AVG\AVG2014\avgui.exe
3840 | [Owner : Usuário |Parent : 3680] - (.Microsoft Corporation - Carregador CTF.) - (6.1.7600.16385) = C:\Windows\SysWOW64\ctfmon.exe
3612 | [Owner : Usuário |Parent : 3384] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (5.0.2.0) = C:\Windows\System32\spool\drivers\x64\3\E_IAMTFBB.EXE

¤¤¤¤¤¤¤¤¤¤ | Processos começados

280 | [Owner : SISTEMA |Parent : 4] - (.Microsoft Corporation - Gerenciador de Sessão do Windows.) - (6.1.7601.18229) = C:\Windows\System32\smss.exe
608 | [Owner : SISTEMA |Parent : 600] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
676 | [Owner : SISTEMA |Parent : 600] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe
692 | [Owner : SISTEMA |Parent : 668] - (.Microsoft Corporation - Processo do tempo de Execução do Servidor do Cliente.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe
728 | [Owner : SISTEMA |Parent : 676] - (.Microsoft Corporation - Aplicativo de serviços e controle.) - (6.1.7600.16385) = C:\Windows\System32\services.exe
752 | [Owner : SISTEMA |Parent : 676] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.18270) = C:\Windows\System32\lsass.exe
760 | [Owner : SISTEMA |Parent : 676] - (.Microsoft Corporation - Serviço do Gerenciador de Sessão Local.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe
824 | [Owner : SISTEMA |Parent : 668] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) - (6.1.7601.17514) = C:\Windows\System32\winlogon.exe
896 | [Owner : SISTEMA |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
984 | [Owner : SERVIÇO DE REDE |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
572 | [Owner : SERVIÇO LOCAL |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
668 | [Owner : SISTEMA |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
856 | [Owner : SISTEMA |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1108 | [Owner : SISTEMA |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1156 | [Owner : SERVIÇO LOCAL |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1236 | [Owner : SERVIÇO DE REDE |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1436 | [Owner : SERVIÇO LOCAL |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
1676 | [Owner : Usuário |Parent : 668] - (.Microsoft Corporation - Gerenciador de Janelas da Área de Trabalho.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe
2252 | [Owner : SERVIÇO LOCAL |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
2824 | [Owner : SERVIÇO DE REDE |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
3148 | [Owner : SERVIÇO LOCAL |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
3312 | [Owner : SERVIÇO LOCAL |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
2452 | [Owner : SISTEMA |Parent : 728] - (.Microsoft Corporation - Processo de Host para Serviços do Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe
6452 | [Owner : SERVIÇO LOCAL |Parent : 572] - (.Microsoft Corporation - Isolamento de Gráfico de Dispositivo de Áudio do Windows .) - (6.1.7601.17514) = C:\Windows\System32\audiodg.exe
3140 | [Owner : Usuário |Parent : 1740] - (. - Shortcut_Module.) - (11.5.2014.1) = C:\Users\Usuário\Desktop\Shortcut_Module.exe
880 | [Owner : SISTEMA |Parent : 728] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - (14.0.0.4563) = C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
6988 | [Owner : Usuário |Parent : 3140] - (. - Process Stopper.) - (1.0.0.0) = C:\Shortcut_Module\Protect_Module.exe

¤¤¤¤¤¤¤¤¤¤ | RUN

04 - [64] HKLM\..\Run : [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

¤¤¤¤¤¤¤¤¤¤ | Serviços


funcionando : MMCSS
funcionando : Dhcp
Serviço parado : Dhcp
funcionando : TcpIp
funcionando : SSDPSRV
funcionando : MPSSvc
Serviço parado : MPSSvc
funcionando : LanmanServer
funcionando : DNScache
Serviço parado : DNScache

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Reponha para zerar prosperamente

¤¤¤¤¤¤¤¤¤¤ | Registro

Apagado prosperamente : [64]HKLM\Software\Classes\AniGIFCtrl.AniGIF
Apagado prosperamente : [64]HKLM\Software\Classes\AniGIFPpg.AniGIFPpg.1
Apagado prosperamente : [64]HKLM\Software\Classes\AniGIFPpg2.AniGIFPpg2.1
Apagado prosperamente : [64]HKLM\Software\Classes\ASCPlugin_Protection.TASCBrowserProtection
Apagado prosperamente : [64]HKLM\Software\Classes\Groove.FormsToolSearchDialogDelegate
Apagado prosperamente : [64]HKLM\Software\Classes\AniGIFPpg.AniGIFPpg
Apagado prosperamente : [32]HKLM\Software\Classes\AniGIFPpg2.AniGIFPpg2
Apagado prosperamente : [HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]|[C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Booster\Driver Booster.lnk]
Apagado prosperamente : [HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts]|[C:\Users\Usuário\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Booster\Desinstalar Driver Booster.lnk]
Apagado prosperamente : [64]HKLM\Software\Classes\CLSID\{252F94DF-8424-40A4-9EEF-B4C9811EF1F7} : AVGrabber
Apagado prosperamente : [64]HKLM\Software\Classes\CLSID\{283a0ed6-4fba-4bd9-af69-a7fc664388b5} : NMCFEventManager Class
Apagado prosperamente : [64]HKLM\Software\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000} : AniGIFPpg2 Class
Apagado prosperamente : [64]HKLM\Software\Classes\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF} : AniGIFPpg Class
Apagado prosperamente : [64]HKLM\Software\Classes\CLSID\{ba1709eb-6de5-48ff-8443-1b51629cf8aa} : NMBAppGlobalSettingsTV_Card Class
Apagado prosperamente : [64]HKLM\Software\Classes\CLSID\{e1d24ab8-53df-49ac-bae6-63a06d55a112} : NMBAppGlobalSettingsTV_Folder Class
Apagado prosperamente : [64]HKLM\Software\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF} : C:\Windows\SysWow64\AniGIF.ocx
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{03C3860D-86B7-4F36-924C-3B1AD93B4C79} : ISafeReportItem
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{068DED0E-382E-4F75-A810-689995894BC1} : INMSearchQueryResultEnumerator
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{06AAB3DD-A5FA-42E8-803C-03E571E0F9CD} : INMSearchQueryContext
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87} : ISafeMailItem
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{12E41153-E975-422F-A4BE-D33BE5AA026E} : INMTVOptionTimeShift
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{1BF7F7EA-503F-4F1A-BB4A-95D201351034} : INMSearchQueryConstSyntaxTree
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2} : ISafeContactItem
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{319E5BB7-8F0D-4181-857A-8A30ABFA2336} : INMSearchQueryConfigManager
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B} : ISafeMAPIFolder
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F} : ISafeAppointmentItem
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{37D74E21-ED4B-4081-994E-F231F329B8DF} : INMSearchQuerySource
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{4327F6E9-8345-471D-9BA6-FAE99B981A08} : INMSearchQueryConfigHolder
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{43345B1E-AF6F-414C-8EF8-E882A96E1D15} : INMCFEventTransformer
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{5252AC41-94BB-11D1-B2E7-444553540000} : IAniGIFEvents
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{5C61669E-F0CE-4126-B365-316588E6228F} : ISafeRecipient
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{62255EF1-21B0-46AB-9BE1-9D8B5A97DB8D} : INMCFEventManager
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{632CFD20-794A-4B34-9AC5-89972BDF7D93} : DGrooveAggregatedDeltaProcessingStatusListener
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{6A057ABC-67DD-4C87-80FF-6E01880A5765} : INMSearchQueryErrorEvent
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E} : ISafePostItem
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{6E4C6020-2932-4DDD-BDA8-998AE4CDF50D} : ISafeInspector
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{780AB883-CEC9-49AF-96FF-C076CB50F34A} : INMSearchQueryRefinement
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{7B66381E-1A66-4477-BBC6-FF65A9C9CCCD} : INMTVTimeShiftBufferHandle
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{82351440-9094-11D1-A24B-00A0C932C7DF} : IAniGIF
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{8577F44B-CE8E-4CDB-A504-F8B763D17EA3} : INMSearchQueryCallback
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{8964EFBA-51D2-4917-9C81-339ED8ABF52F} : INMCFEventReceiver
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{95FFA065-5981-4E38-BA55-CDD0FFBB21DE} : INMCFEventProvider
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{9BECB328-B2EC-4AF7-9AE7-388AE37F1883} : INMSearchQuerySourceDeprecated
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{A2ABAA24-0550-4A8F-B616-35666B48A5D4} : INMCFEventQueue
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{A367989B-5D34-426E-BCF3-3AAA6A29F4B3} : INMSearchQueryResultEvent
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{A50CD81F-639D-4E08-929B-00D3D3D17247} : INMSearchQuerySyntaxTree
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{AABCB659-E5CD-4ED5-BF4B-82A82E3F5AF9} : INMCFEventSubscription
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63} : ISearchQueryHelper
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{C04F11DE-CE33-4CE0-A0F5-E87D142790F2} : INMSearchQueryHandle
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{C99E0FAF-09C5-4FDD-ADE2-1C808D18A66B} : INMSearchQueryResult
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726} : ISafeRecipients
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{CCB37EAC-C88A-44FB-A584-9BD646986FF3} : INMCFEvent
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673} : ISafeTable
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324} : ISafeCurrentUser
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{D80AC53D-E102-4A55-A265-529A626515E5} : ISafeItems
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378} : _ISafeItem
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04} : ISafeJournalItem
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{E61CEEA7-4575-4D94-8A2C-E6DDAC35CCC3} : INMCFEventContext
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83} : ISafeDistList
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{F76F3E58-3A52-4FD4-8960-3D1F0EDA9B11} : INMSearchQueryResult2
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{F7919641-3978-4668-8388-7310329C800E} : ISafeMeetingItem
Apagado prosperamente : [64]HKLM\Software\Classes\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9} : ISafeTaskItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{03C3860D-86B7-4F36-924C-3B1AD93B4C79} : ISafeReportItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87} : ISafeMailItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2} : ISafeContactItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B} : ISafeMAPIFolder
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F} : ISafeAppointmentItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{5252AC41-94BB-11D1-B2E7-444553540000} : IAniGIFEvents
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{5C61669E-F0CE-4126-B365-316588E6228F} : ISafeRecipient
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E} : ISafePostItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{6E4C6020-2932-4DDD-BDA8-998AE4CDF50D} : ISafeInspector
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{82351440-9094-11D1-A24B-00A0C932C7DF} : IAniGIF
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726} : ISafeRecipients
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673} : ISafeTable
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324} : ISafeCurrentUser
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{D80AC53D-E102-4A55-A265-529A626515E5} : ISafeItems
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378} : _ISafeItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04} : ISafeJournalItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83} : ISafeDistList
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{F7919641-3978-4668-8388-7310329C800E} : ISafeMeetingItem
Apagado prosperamente : [32]HKLM\Software\Classes\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9} : ISafeTaskItem
Apagado prosperamente : [64]HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]|[Freeven Pro 1.4-bg.exe] : 8000
Apagado prosperamente : [64]HKLM\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]|[MediaPlayerplus-bg.exe] : 8000
Apagado prosperamente : [64]HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\allsearch.ws
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clearask.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\codecouponsite.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cool-web-search.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dailytoolbar.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\esafebill.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\greatcouponclub.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hitlistlyrics.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\iesafetywarning.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isafe-antivirus.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isafeantivirus.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isafeantvirus.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isearch.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftfirewall.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftpersonallfirewall.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lyricsandsongs.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mp3tube.info
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mywebsearch.net
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\nellyslyrics.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\oneclicksearch.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\onlinesafetypage.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchbarcash.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchmadesafe.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\searchoutlaw.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\surfwebsafely.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\thecoupondiscount.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\thespybot.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\viruswebprotect.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\web-search.tk
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websafenotice.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\websearchnetwork.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\yourcountycoupon.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\youriesafety.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\yoursearchbar.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\yoursearchresults.net
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zango.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\esafetylist.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isafeantivir.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\isaferantivirus.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\lavasoftpersonalfirewall.com
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\zangocash.com
Apagado prosperamente : [64]HKLM\Software\Microsoft\Tracing\BrowserManagerSetup_RASAPI32
Apagado prosperamente : [64]HKLM\Software\Microsoft\Tracing\deskSvc_RASAPI32
Apagado prosperamente : [64]HKLM\Software\Microsoft\Tracing\Need-For-Speed-Most-Wanted_1024x768_RASAPI32
Apagado prosperamente : [64]HKLM\Software\Microsoft\Tracing\BrowserManagerSetup_RASMANCS
Apagado prosperamente : [64]HKLM\Software\Microsoft\Tracing\deskSvc_RASMANCS
Apagado prosperamente : [64]HKLM\Software\Microsoft\Tracing\Need-For-Speed-Most-Wanted_1024x768_RASMANCS
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000HKLM\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1
Apagado prosperamente : [32]HKLM\SOFTWARE\SpeedBit
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Akamai
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Trolltech
Apagado prosperamente : HKU\S-1-5-18\Software\AskPartnerNetwork
Apagado prosperamente : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}(\_1a34a8e0\eae10f9d|[0dc3ee96]) : /P////%%
Apagado prosperamente : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}(\_1a34a8e0\eae10f9d|[0dc3ee96]) : /P////%%
Apagado prosperamente : HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}(\_1a34a8e0\eae10f9d|[0dc3ee96]) : /P////%%
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} : ShopperReports.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} : alotBHO.dll;alotBHO.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD} : eBayTB.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} : ShoppingReport.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7} : PCTBrowserDefender.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} : BabylonToolbar.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825} : PCTBrowserDefender.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{57F02779-3D88-4958-8AD3-83C12D86ADC7} : advancedsearchbar.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} : alot.dll;alot.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{92085AD4-F48A-450D-BD93-B28CC7DF67CE} : eBayTB.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} : BabylonToolbar.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} : ShoppingReport.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CDEEC43D-3572-4E95-A2A5-F519D29F00C0} : advancedsearchbar.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} : BabylonToolbarTlbr.dll
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8143d3e2-497f-4a22-adad-ba8bf794ed0e} : C:\Program Files (x86)\MediaPlayerplus
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cbb396ad-303a-4f52-b07d-bcf7e3ec9590} : C:\Program Files (x86)\MediaPlayerplus
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb4a7d72-7f66-410d-a653-7478364b6a43} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : [64]HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cdd57a33-8fca-4ea7-8cdc-3e0aeeececc1} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : [32]HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8143d3e2-497f-4a22-adad-ba8bf794ed0e} : C:\Program Files (x86)\MediaPlayerplus
Apagado prosperamente : [32]HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cbb396ad-303a-4f52-b07d-bcf7e3ec9590} : C:\Program Files (x86)\MediaPlayerplus
Apagado prosperamente : [32]HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb4a7d72-7f66-410d-a653-7478364b6a43} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : [32]HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cdd57a33-8fca-4ea7-8cdc-3e0aeeececc1} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A00526-8DD6-41B4-999B-9B4762776CEC} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{202EB824-1FFA-42FE-BE4A-10DF8C359AE8} : C:\Program Files (x86)\MediaPlayerplus
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6EF0195F-236B-45C7-A8A3-578F9B2ADD81} : C:\Program Files (x86)\MediaPlayerplus
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A0A490B-1BA8-4013-9850-C33C1FBAB2CA} : C:\Program Files (x86)\MediaPlayerplus
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cdd57a33-8fca-4ea7-8cdc-3e0aeeececc1} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2A40355-F8A4-4B94-9540-13D3B3A5A633} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb4a7d72-7f66-410d-a653-7478364b6a43} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AC01211-E010-4DDD-B86F-688DF63544DA} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8143d3e2-497f-4a22-adad-ba8bf794ed0e} : C:\Program Files (x86)\MediaPlayerplus
Apagado prosperamente : HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E52B3637-C75D-432B-8EE6-FB9C49C062C1} : C:\Program Files (x86)\Freeven Pro 1.4
Apagado prosperamente : [64]HKLM\Software\Classes\Installer\Features\CC69E458C66237845AF0DC5F63E78E84 : AvgAddonsFea
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 : 01:\Software\Smartbar\version
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D : 02:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP\UserSettings
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\020079C0CE4AC02EED1888A2AE8CE447 : 01:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Akamai NetSession Interface
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\18E8444AC870505B88DF1F2634E2B91E : C:\Users\Usuário\AppData\Local\Akamai\accepteula.txt
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\580682D1C0159847CCEC037C03087E26 : C:\Users\Usuário\AppData\Local\Akamai\client.ini
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\70F555577657DA47AE56C133D2D294E8 : 01:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Akamai\InstallLocation
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\8D541BF13BA1EE09CD1F6EA7B1FBFC67 : 01:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Akamai\UninstallString
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\C5E5634748AA8DC5623BE48DDFCF8A04 : C:\Users\Usuário\AppData\Local\Akamai\rswinui.exe
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\E1B47BBDD70D8978E1D52D309B624221 : C:\Users\Usuário\AppData\Local\Akamai\ControlPanel_Installer.exe
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\E8B49D60B33C29DBB0BF46CF7F6AD30F : C:\Users\Usuário\AppData\Local\Akamai\installer_uploader.exe
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\0C42A6CD31370C8B4C429F1D10D847E7 : C:\Users\Usuário\AppData\Local\Akamai\admintool.exe
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\5B0A6CB367C495325A48DA1AB46E4E93 : C:\Users\Usuário\AppData\Local\Akamai\user.dat
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\AFAF4DC50343A11A1551AF29AEA69F90 : C:\Users\Usuário\AppData\Local\Akamai\netsession_win.exe
Apagado prosperamente : [32]HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3127348328-4204076854-1704267095-1000\Components\E34EEFC4F89581706B658D492BF98506 : 01:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Akamai\DisplayName
Apagado prosperamente : [64]HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1

¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Arquivos

Apagado prosperamente : C:\Program Files (x86)\Glary Utilities 4\OneClickMaintenance.exe     (Copyright (c) 2003-2013 Glarysoft Ltd.-.Glary Utilities)     OneClickMaintenance.exe
Apagado prosperamente : C:\Program Files (x86)\Glary Utilities 4\SoftwareUpdate.exe     (Copyright(c) 2003-2013 Glarysoft Ltd.-.Glary Utilties)     SoftwareUpdate.exe
Apagado prosperamente : C:\Windows\System32\AniGIF.ocx     (Copyright 1996 - 1998, Jin Hui - Animation GIF Control)     [OFN : ANIGIF.OCX]
Apagado prosperamente : C:\Windows\System32\NdfEventView.xml     ()    
Apagado prosperamente : C:\Users\All Users\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe     (Copyright (C) 2011 .  All rights reserved..-.)[OFN : ReOfferCampaign.exe]
Apagado prosperamente : C:\Users\All Users\IObit\Driver Booster
Apagado prosperamente : C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Driver Booster
Apagado prosperamente : C:\Users\Usuário\AppData\Local\VS Revo Group\Revo Uninstaller Pro\BackUpsData\Lollipop-11052013-103442
Apagado prosperamente : C:\Users\Usuário\AppData\LocalLow\SpeedBIT
Apagado prosperamente : C:\Users\Usuário\AppData\LocalLow\Unity\WebPlayer
Apagado prosperamente : C:\Users\Usuário\AppData\Roaming\IObit\Driver Booster
Apagado prosperamente : [Usuário | FF] : [Você precisa estar registrado e conectado para ver este link.] = ascsurfingprotection@iobit
Apagado prosperamente : C:\Users\Usuário\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default\user.js.orig     (.-.)    
Apagado prosperamente : C:\Users\Usuário\AppData\Roaming\Unity\WebPlayerPrefs

¤¤¤¤¤¤¤¤¤¤ | Malversações de atalhos


¤¤¤¤¤¤¤¤¤¤ | Proxy

Consertado : [HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Malversações internet Explorer

Consertado : [HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Consertado : [HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [HKU\S-1-5-21-3127348328-4204076854-1704267095-1000\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main\Window Title]|[] :  -> Internet Explorer
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Bar] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\SYSTEM32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Search_URL] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[BrowserMngr Start Page] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Main]|[CustomizeSearch] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Bar] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Start Page] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Local Page] :  -> C:\Windows\SysWOW64\blank.htm
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Page] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Search_URL] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Page_URL] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[BrowserMngr Start Page] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [64][HKLM\Software\Microsoft\Internet Explorer\Search]|[CustomizeSearch] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main\Window Title]|[] :  -> Internet Explorer
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Bar] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\System32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[Search Page] : [Você precisa estar registrado e conectado para ver este link.] -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[BrowserMngr Start Page] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Main]|[CustomizeSearch] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Bar] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Start Page] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Local Page] :  -> C:\Windows\SysWOW64\blank.htm
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Search Page] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Search_URL] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[Default_Page_URL] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[BrowserMngr Start Page] :  -> [Você precisa estar registrado e conectado para ver este link.]
Consertado : [32][HKLM\Software\Microsoft\Internet Explorer\Search]|[CustomizeSearch] :  -> [Você precisa estar registrado e conectado para ver este link.]

¤¤¤¤¤¤¤¤¤¤ | Malversações Google Chrome


Apagado prosperamente : [64]HKLM\Software\Policies\Google
[Usuário] Reponha para zerar prosperamente : SearchURL
[Usuário] Reponha para zerar prosperamente : Preferences

[Usuário] : aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co
[Usuário] : apdfllckaahabafndbhieahigkjlhalf =  : Google & co - [Você precisa estar registrado e conectado para ver este link.] - Google & co
[Usuário] : blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - [Você precisa estar registrado e conectado para ver este link.] - [Você precisa estar registrado e conectado para ver este link.] - Google & co
[Usuário] : coobgpohoikkiipiblmjeljniedjpjpf =  : Google & co - [Você precisa estar registrado e conectado para ver este link.] - Google & co
[Usuário] : nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co
[Usuário] : pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - [Você precisa estar registrado e conectado para ver este link.] - Google & co

¤¤¤¤¤¤¤¤¤¤ | Malversações Firefox

[Usuário] Apagado prosperamente : C:\Users\Usuário\AppData\Roaming\Mozilla\Firefox\Profiles\gycv5ie5.default\sessionstore.js
[Usuário] Apagado prosperamente : user_pref("extensions.dealply.channel", "pcdealply");
[Usuário] Apagado prosperamente : user_pref("extensions.dealply.installId", "v24870268953688282059702013092715034320");
[Usuário] Apagado prosperamente : user_pref("extensions.dealply.installIdSource", "inst");
[Usuário] Apagado prosperamente : user_pref("extensions.dealply.partner", "vn");
[Usuário] Apagado prosperamente : user_pref("extensions.dealply.sampleGroup", "0");
[Usuário] Apagado prosperamente : user_pref("extensions.enabledAddons", "ascsurfingprotection%40iobit.com:1.0,%7B87F8774F-B485-47E2-A755-A40A8A5E8873%7D:3.8.0.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1");
[Usuário] Apagado prosperamente : user_pref("extensions.flashEnhancer.client_id", "b49f11339552b67ac319d5d17eb4a73c");
[Usuário] Apagado prosperamente : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1399742529380,\"rdfTime\":1399742528381}}},{\"name\":\"winreg-app-user\",\"addons\":{\"{87F8774F-B485-47E2-A755-A40A8A5E886D}\":{\"descriptor\":\"C:\\\\Users\\\\Usuário\\\\AppData\\\\Local\\\\GAS Tecnologia\\\\GBBD\\\\cef\\\\xpi\",\"mtime\":1396821510651,\"rdfTime\":1393075219504},\"{87F8774F-B485-47E2-A755-A40A8A5E8873}\":{\"descriptor\":\"C:\\\\Users\\\\Usuário\\\\AppData\\\\Local\\\\GAS Tecnologia\\\\GBBD\\\\uni\\\\xpi\",\"mtime\":1397640135162,\"rdfTime\":1397640135162}}},{\"name\":\"app-profile\",\"addons\":{\"ascsurfingprotection@iobit.com\":{\"descriptor\":\"C:\\\\Users\\\\Usuário\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gycv5ie5.default\\\\extensions\\\\ascsurfingprotection@iobit.com\",\"mtime\":1397069012509,\"rdfTime\":1337975796000}}}]");

[Usuário] : newtaburl_local.xpi :  -  -

¤¤¤¤¤¤¤¤¤¤ | Opera


¤¤¤¤¤¤¤¤¤¤ | Malversação de chaves StartMenuInternet

Consertado : [64][HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\open\command] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -> "C:\Program Files\Mozilla Firefox\Firefox.exe"
Consertado : [64][HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\safemode\command] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode -> "C:\Program Files\Mozilla Firefox\Firefox.exe" -safe-mode
Consertado : [64][HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : iexplore.exe -> "C:\Program Files\Internet Explorer\iexplore.exe"
Consertado : [64][HKLM\Software\Clients\StartMenuInternet\Google Chrome\shell\open\command] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> "C:\Program Files\Google\Chrome\Application\chrome.exe"

¤¤¤¤¤¤¤¤¤¤ | AppInit_DLLs

[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

¤¤¤¤¤¤¤¤¤¤ | Malversações Javascript


¤¤¤¤¤¤¤¤¤¤ | Firewall

Consertado : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]|[EnableFirewall] : 1 -> 0
Consertado : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]|[EnableFirewall] : 1 -> 0
Consertado : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]|[EnableFirewall] : 1 -> 0

Apagado prosperamente : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]|[{8EADC68B-5C4A-4AF7-A479-F8AE348CDA6A}] : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=49186|Name=Akamai NetSession Interface|

¤¤¤¤¤¤¤¤¤¤ | Arquivos temporários

[All Users] Arquivos temporários Apagado : 0 Ko
[Default] Arquivos temporários Apagado : 0 Ko
[Default User] Arquivos temporários Apagado : 0 Ko
[Public] Arquivos temporários Apagado : 0 Ko
[Todos os Usuários] Arquivos temporários Apagado : 0 Ko
[Usuário] Arquivos temporários Apagado : 84471 Ko
[Usuário Padrão] Arquivos temporários Apagado : 0 Ko
[Usußrio] Arquivos temporários Apagado : 0 Ko
[C:\Windows\Temp] Arquivos temporários Apagado : 0 Ko
[C:\Temp] Arquivos temporários Apagado : 57 Ko


Outros relatórios


[X] : [3367 Ko]

Elementos analisados : 333838 | Infetado : 258

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 20:07:57 | [49 Ko]
avatar
janderson
Membro
Membro

Mensagens : 67
Reputação : 1
Data de inscrição : 29/10/2013

Voltar ao Topo Ir em baixo

Re: Computador travando constantemente.

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum