Slow notebook!!

Post by Fuçador on Mon 02 Jun 2014, 12:11

Even the mouse is slow. Here is the HijackThis log; this is another notebook.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:10:40, on 02/06/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeterw.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\Usuarios\AppData\Roaming\VIVO INTERNET\ouc.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Bench\BService\bservice.exe
C:\Program Files (x86)\Bench\Wd\wd.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Documentos - Usuário\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 54.204.28.26 nikdaiaidiiiogaidkkekcmokcgcdeac
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Discount Dragon BHO - {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} - C:\Program Files (x86)\Discount Dragon\FrameworkBHO.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BService] C:\Program Files (x86)\Bench\BService\bservice.exe
O4 - HKLM\..\Run: [Wd] C:\Program Files (x86)\Bench\Wd\wd.exe
O4 - HKLM\..\RunOnce: [Discount Dragon-repairJob] wscript.exe "C:\Users\Usuarios\AppData\Local\Discount Dragon\repair.js" "Discount Dragon-repairJob"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Usuarios\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [PriceMeterW] "C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeterw.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O15 - ESC Trusted Zone: [You must be registered and logged in to see this link.]
O15 - ESC Trusted Zone: [You must be registered and logged in to see this link.]
O15 - ESC Trusted Zone: [You must be registered and logged in to see this link.] (HKLM)
O15 - ESC Trusted Zone: [You must be registered and logged in to see this link.] (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D66B2BF-909A-4D31-A23D-BF4239A5B5D0}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CD6B50E-2D4F-4CAC-A240-27BC0467188D}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Claro. OUC (Claro. RunOuc) - Unknown owner - C:\Program Files (x86)\Claro\UpdateDog\ouc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Baidu PC App Store Service 4.3.1.5732 (PCAppStoreSvc_{PCAppStore_4.3.1.5732}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC App Store\4.3.1.5732\PCAppStoreSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12870 bytes
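A triage pass over the O4 (Run/RunOnce autostart) lines of a HijackThis log like the one above, as an added example that is not part of the forum thread. The sample lines are copied from that log; the flag names and the three heuristics (binary under a user profile's AppData, launch through a script host such as rundll32.exe or wscript.exe, unquoted path containing a space) are assumptions chosen for illustration and mark entries for review, not verdicts.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# O4 lines list autostart values: hive, Run/RunOnce key, value name, command.
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>Run|RunOnce): "
    r"\[(?P<name>.+?)\] (?P<cmd>.+)$"
)
# Per-user AppData is writable without elevation.
USER_WRITABLE = re.compile(r"\\Users\\[^\\]+\\AppData\\", re.IGNORECASE)
# Hosts that run another file (DLL or script) passed as an argument.
SCRIPT_HOSTS = {"rundll32.exe", "wscript.exe", "cscript.exe",
                "mshta.exe", "regsvr32.exe"}

# Lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BService] C:\Program Files (x86)\Bench\BService\bservice.exe
O4 - HKLM\..\RunOnce: [Discount Dragon-repairJob] wscript.exe "C:\Users\Usuarios\AppData\Local\Discount Dragon\repair.js" "Discount Dragon-repairJob"
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Usuarios\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [PriceMeterW] "C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeterw.exe"
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
'''


def launcher(cmd):
    """Return (executable, was_quoted) for the first program in a command."""
    m = re.match(r'"([^"]+)"', cmd)
    if m:
        return m.group(1), True
    # Unquoted: take everything up to the first ".exe" token boundary.
    m = re.match(r"(.+?\.exe)(?=\s|$)", cmd, re.IGNORECASE)
    if m:
        return m.group(1), False
    return cmd.split()[0], False


def triage(line):
    """Parse one log line; return a dict for O4 entries, None otherwise."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    cmd = m["cmd"]
    exe, quoted = launcher(cmd)
    flags = []
    if USER_WRITABLE.search(cmd):
        flags.append("user-writable-path")
    if basename(exe).lower() in SCRIPT_HOSTS:
        flags.append("script-host-launcher")
    if not quoted and " " in exe:
        flags.append("unquoted-path-with-space")
    return {"hive": m["hive"], "key": m["key"], "name": m["name"],
            "exe": exe, "flags": flags}


def triage_log(text):
    """Return the parsed O4 entries of a whole log, in file order."""
    return [r for r in map(triage, text.splitlines()) if r]


def flagged(text):
    """Map value name -> flags for entries that raised at least one flag."""
    return {r["name"]: r["flags"] for r in triage_log(text) if r["flags"]}


if __name__ == "__main__":
    for name, flags in flagged(SAMPLE_LOG).items():
        print(f"{name}: {', '.join(flags)}")
```
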

Re: Slow notebook!!

Post by Power Max on Mon 02 Jun 2014, 12:44

Download the AdwCleaner program by clicking the link below, then click the Download Now @BleepingComputer button:
[You must be registered and logged in to see this link.]

To run AdwCleaner correctly, just follow the tips in this tutorial:

Remove adware and malicious toolbars with AdwCleaner

* In your next reply, post the AdwCleaner log (report), which will be at C:\AdwCleaner\AdwCleaner[S0].txt

We'll be waiting.


Re: Slow notebook!!

Post by Fuçador on Wed 04 Jun 2014, 10:31

AdwCleaner report
I want to remove anything related to Baidu

# AdwCleaner v3.211 - Relatório criado 04/06/2014 às 10:25:51
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (64 bits)
# Usuário : Usuarios - USUARIOS-PC
# Executando de : D:\Documentos - Usuário\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
[!] Pasta Deletada : C:\ProgramData\Claro
Pasta Deletada : C:\ProgramData\PriceMeterLiveUpdate
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Pasta Deletada : C:\Program Files (x86)\Bench
Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\Claro
Pasta Deletada : C:\Program Files (x86)\Discount Dragon
Pasta Deletada : C:\Program Files (x86)\IminentToolbar
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\PriceMeterLiveUpdate
Pasta Deletada : C:\Program Files (x86)\WinZip Registry Optimizer
Pasta Deletada : D:\Documentos - Usuário\Documents\Mobogenie
Pasta Deletada : C:\Users\Usuarios\AppData\Local\BenchUpdater
Pasta Deletada : C:\Users\Usuarios\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Discount Dragon
Pasta Deletada : C:\Users\Usuarios\AppData\Local\genienext
Pasta Deletada : C:\Users\Usuarios\AppData\Local\lollipop
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Mysearchdial
Pasta Deletada : C:\Users\Usuarios\AppData\Local\PriceMeter
Pasta Deletada : C:\Users\Usuarios\AppData\Local\PriceMeterLiveUpdate
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Usuarios\AppData\LocalLow\IminentToolbar
Pasta Deletada : C:\Users\Usuarios\AppData\LocalLow\Mysearchdial
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Claro
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\IminentToolbar
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\PriceMeterUpdater
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discount Dragon
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
Pasta Deletada : C:\Users\wangjihua\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\wangzhisong\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikdaiaidiiiogaidkkekcmokcgcdeac
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Usuarios\daemonprocess.txt
Arquivo Deletada : C:\Users\Usuarios\AppData\Local\mysearchdial-speeddial.crx
Arquivo Deletada : C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Arquivo Deletada : C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
Arquivo Deletada : C:\Windows\Tasks\bench-sys.job
Arquivo Deletada : C:\Windows\System32\Tasks\bench-sys
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\Tasks\Funmoods.job
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\Tasks\MySearchDial.job
Arquivo Deletada : C:\Windows\System32\Tasks\MySearchDial
Arquivo Deletada : C:\Windows\System32\Tasks\pricemetertask
Arquivo Deletada : C:\Windows\Tasks\PriceMeterUpdater.job
Arquivo Deletada : C:\Windows\System32\Tasks\PriceMeterUpdater
Arquivo Deletada : C:\Windows\System32\Tasks\pricemeterwatcher
Arquivo Deletada : C:\Windows\Tasks\UpdaterEX.job
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : HKCU\Software\Classes\Applications\lollipop.exe
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PriceMeterW]
Chave Deletedo : HKLM\SOFTWARE\Classes\AmiBs.Installer
Chave Deletedo : HKLM\SOFTWARE\Classes\AmiBs.Installer.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseSmart_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseSmart_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BService]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Wd]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_zello_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_zello_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Valor Deletedo : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\AppDataLow\Software
Chave Deletedo : HKLM\Software\Bench
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\free_soft_to_day
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\mysearchdial
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : [x64] HKLM\SOFTWARE\Iminent

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7601.17514

Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [You must be registered and logged in to see this link.]
Deletedo [Search Provider] : [You must be registered and logged in to see this link.]
Deletedo [Extension] : nikdaiaidiiiogaidkkekcmokcgcdeac
Deletedo [Extension] : pflphaooapbgpeakohlggbpidpppgdff

*************************

AdwCleaner[R0].txt - [24446 octets] - [04/06/2014 10:24:32]
AdwCleaner[S0].txt - [22867 octets] - [04/06/2014 10:25:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22928 octets] ##########

Re: Slow Notebook!!

Post by Power Max on Wed 04 Jun 2014, 10:34

Download the Junkware Removal Tool program from the link below:
[You must be registered and logged in to see this link.]

To run the program above correctly, just follow the tips in this tutorial:

Junkware Removal Tool tutorial

* In your next reply, post the Junkware Removal Tool log (report), which will be saved on your desktop with the name JRT.txt

We will be waiting.


Re: Slow Notebook!!

Post by Fuçador on Wed 04 Jun 2014, 10:54

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Usuarios on 04/06/2014 at 10:46:38,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricemeterd_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricemeterd_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PriceMeterUpdateVer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PriceMeterUpdateVer_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricemeterd_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricemeterd_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PriceMeterUpdateVer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PriceMeterUpdateVer_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Usuarios\AppData\Roaming\getrighttogo"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/06/2014 at 10:53:02,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Slow Notebook!!

Post by Power Max on Wed 04 Jun 2014, 10:55

Temporarily disable your antivirus to avoid conflicts.

Open the link below and click the first button on the left, which is the Download Zoek.exe button:
[You must be registered and logged in to see this link.]

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank space in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan progress will be displayed. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Fri 20 Jun 2014, 10:51; edited 1 time


Re: Slow Notebook!!

Post by Fuçador on Wed 04 Jun 2014, 11:36


Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Usuarios on 04/06/2014 at 11:04:02,11.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documentos - Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

04/06/2014 11:04:47 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Usuarios\AppData\Roaming\TomTom\HOME\Profiles\xo856ns1.default\prefs.js:

Added to C:\Users\Usuarios\AppData\Roaming\TomTom\HOME\Profiles\xo856ns1.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\Usuarios\.android deleted
C:\Users\Usuarios\AppData\Roaming\ihelper deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\Users\Usuarios\AppData\Local\cache deleted
C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
C:\Windows\tasks\Registry Optimizer_DEFAULT.job deleted
C:\Windows\tasks\Registry Optimizer_UPDATES.job deleted
C:\windows\SysNative\tasks\bench-S-1-5-21-4267606759-60028879-2698333463-1000 deleted
C:\Windows\tasks\bench-S-1-5-21-4267606759-60028879-2698333463-1000.job deleted
C:\Users\wangjihua deleted
C:\Users\wangzhisong deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Usuarios\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-06-04 13:25:51 2014-06-04 13:25:51 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu\Baidu Antivirus
2013-10-28 15:24:22 2014-05-19 16:46:30 -------- d-----w- C:\Program Files (x86)\Baidu Security
2013-10-28 15:24:32 2014-06-04 13:38:17 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2013-10-28 15:24:22 2014-03-05 10:25:45 -------- d-----w- C:\ProgramData\Baidu Security
2013-12-24 07:50:35 2013-12-24 07:50:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2013-10-28 15:24:22 2014-03-05 10:25:45 -------- d-----w- C:\Users\All Users\Baidu Security
2013-12-24 07:50:35 2013-12-24 07:50:36 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-09 05:14:36 2014-04-09 05:14:36 -------- d-----w- C:\Users\Public\Documents\Baidu
2013-10-28 15:24:24 2014-05-19 16:46:30 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2013-12-24 07:44:13 2013-12-24 07:44:13 -------- d-----w- C:\Users\Usuarios\AppData\Local\Temp\baidu_secure
2013-10-28 15:24:43 2014-05-19 14:26:56 -------- d-----w- C:\Users\Usuarios\AppData\Roaming\Baidu Security
2013-12-20 13:50:57 2013-12-20 13:50:57 -------- d-----w- C:\Users\Usuarios\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2013-12-20 13:50:58 2013-12-20 13:50:58 -------- d-----w- C:\Users\Usuarios\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-05-19 16:46:31 2014-05-19 16:46:34 -------- d-----w- C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store
2014-05-19 16:46:31 2014-05-19 16:46:31 -------- d-----w- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Baidu Security

==== Files Found ======================


--- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-09-22 07:32:04
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-09-22 07:32:04
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1176
Created time: 2013-12-24 07:50:35
Modified time: 2014-04-09 05:15:33
MD5: 2A5D2A3E1B2BE433B37CF6160B775823
SHA1: 7BA0A73E924A561DE01F6592C1C57BF6FFE2D320


--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1176
Created time: 2013-12-24 07:50:35
Modified time: 2014-04-09 05:15:33
MD5: 2A5D2A3E1B2BE433B37CF6160B775823
SHA1: 7BA0A73E924A561DE01F6592C1C57BF6FFE2D320


--- C:\Users\Public\Desktop\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1158
Created time: 2013-12-24 07:50:37
Modified time: 2014-04-09 05:15:34
MD5: 644227CA50207162AECBC2307D5052E8
SHA1: 13441479826E8C25060D4DE28701409F54B6CEF8


--- C:\Users\Usuarios\AppData\Local\Temp\Baidu_PCAppStore_4.3.1.5732.exe ---
Company: Baidu, Inc.
File Description: PC App Store Setup
File Version: 4.3.1.5732
Product Name: PC App Store
Copyright: Copyright (C) 2012 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 19358464
Created time: 2014-05-19 14:27:08
Modified time: 2014-05-19 14:27:08
MD5: E477198EFBFE8D5E2F9DA1D308C4CB35
SHA1: 44BD38A9C2D24B95D53E83D3A5AA869C790EE566


--- C:\Users\Usuarios\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.41942.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 3.7.1.41942
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 10485488
Created time: 2013-12-14 23:17:43
Modified time: 2013-12-14 23:17:43
MD5: FCDDA1F1EE22BB14060FD553CB3A4048
SHA1: 06D14594FFE985E1E529EE87B3E2AAA04F937F02


--- C:\Users\Usuarios\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.1.56634.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 4.0.1.56634
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 18605480
Created time: 2014-01-31 22:54:01
Modified time: 2014-01-31 22:54:01
MD5: BACBCAE5F50EDD4601DB00CBDA7AF191
SHA1: 22F8B3663BB270BD99B2CA866A9FDB3C0A56683F


--- C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Cookies\usuarios@baidu[1].txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 104
Created time: 2014-04-06 18:17:10
Modified time: 2014-04-06 18:17:10
MD5: 6E5C43C85343D42D1707BC165EA4EB5D
SHA1: A332658149D6B124EE52DB686D4C133005C8E8BB


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3430
Created time: 2014-06-04 14:12:53
Modified time: 2014-04-09 05:15:37
MD5: EF41D1079A1BD90B38780C9AF29308B3
SHA1: 465F72B3B2D12282430B5EC912C66A01F1E4AA82


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-01-31 01-07-00-0173-[18677].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-01-31 01-07-00-0173-[18677].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-10 02-47-37-0502-[29302].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-10 02-35-54-0746-[6740].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-11 02-22-18-0403-[16577].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-18 02-07-00-0135-[30022].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-02-27 02-41-53-0632-[20267].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-27 02-42-11-0947-[20326].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-02-28 02-41-53-0647-[16012].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-28 02-42-14-0755-[16080].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-05 03-24-41-0445-[7592].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PcfTray-2014-03-07 03-54-43-0535-[32469].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-15 03-18-11-0232-[2976].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-17 03-18-36-0908-[10293].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-17 03-44-44-0996-[17914].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PcfTray-2014-03-17 03-45-21-0190-[18035].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"="Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"="http://antivirus.baidu.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"DisplayIcon"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.3.1.5732\\PCAppStore.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"UninstallString"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.3.1.5732\\Uninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.3.1.5732"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Translator.exe,-201"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Translator.exe\" \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\bavhm.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log\Updater.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug\log]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732\Install]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm64]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-12-19 18_45_29_0370rpdata.dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"="^http\\:\\/\\/www\\.baidu\\.com\\/.*"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\4.3.1.5732]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\DataReport]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
"ares_BaiDuSafe_RegType"=dword:00000002

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"Adobe ARM_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"AdobeCS5ServiceManager_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"GrooveMonitor_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"HP Software Update_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"SunJavaUpdateSched_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"SwitchBoard_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\Bav.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFaster.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFPopups.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFPopups.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PcfTray.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PcfTray.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Bav.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\BavTray.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFaster.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFPopups.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFPopups.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PcfTray.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PcfTray.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"DisplayIcon"="\"C:\\Users\\Usuarios\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1106.exe\""

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"Publisher"="Baidu Online Network Technology (Beijing) Co., Ltd."

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"UninstallString"="\"C:\\Users\\Usuarios\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1106.exe\" -uninstall"

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\bavhm.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log\Updater.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug\log]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732\Install]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm64]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-12-19 18_45_29_0370rpdata.dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

==== Firefox Extensions ======================

ProfilePath: C:\Users\Usuarios\AppData\Roaming\TomTom\HOME\Profiles\xo856ns1.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================


==== Chrome Look ======================

Docs - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Drive - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
GBBD Banco Santander (Brasil) S.A. - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\embboanagkhdghdnaekpbpgfckeejmlo
Google Wallet - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{92001F8A-C36B-473A-91E7-5BE0C81CF2B3} PSafe ClikSeguro Url="http://home.psafe.com/Search.aspx?q={searchTerms}&utm_source=browser+addressbar&utm_medium=browser+addressbar&utm_campaign=browser+addressbar"

==== Reset Google Chrome ======================

C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Usuarios\Desktop\PC App Store.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.3.1.5732\PCAppStore.exe /openfrom=shortcut

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\Users\Public\Desktop\Claro.lnk - C:\Program Files (x86)\Claro\Claro.exe
C:\Users\Public\Desktop\Discador Oi.lnk - C:\Program Files (x86)\OI\Oi3G\DiscadorOi.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Kantoo English.lnk -
C:\Users\Public\Desktop\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Public\Desktop\Recibo.lnk - C:\Recibopro\Recibo.exe
C:\Users\Public\Desktop\VIVO INTERNET.lnk - C:\Program Files (x86)\VIVO INTERNET\VIVO INTERNET.exe
C:\Users\Public\Desktop\WinZip Registry Optimizer.lnk - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store\PC App Store.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.3.1.5732\PCAppStore.exe /openfrom=startmenu
C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.3.1.5732\Uninstall.exe /openfrom=startmenu

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\Usuarios\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1106.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Hao123.lnk - C:\Users\Usuarios\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1106.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CS5 (64 Bit).lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CorelDRAW X6 (64-Bit).lnk - c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut1_41AAC0AC880545E6A1C81230F4159C30.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Usuarios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Usuarios\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Usuarios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=315 folders=28 5430788 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Usuarios\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Usuarios\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Usuarios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 04/06/2014 at 11:26:20,45 ======================
Fuçador
Member

Posts: 129
Reputation: 1
Join date: 30/09/2013


Re: Slow Notebook!!

Post by Power Max on Wed 04 Jun 2014, 14:46

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of the text highlighted in red that I gave you and paste it into the blank area of Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below will be displayed showing the scan progress. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Wed 04 Jun 2014, 18:14; edited 1 time

Power Max
Contributor

Posts: 9086
Reputation: 1499
Join date: 14/04/2009


Re: Slow Notebook!!

Post by Fuçador on Wed 04 Jun 2014, 16:10


Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Usuarios on 04/06/2014 at 15:44:43,56.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documentos - Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-04-142620.log 51930 bytes
C:\zoek-results2014-06-04-184233.log 972382 bytes

==== System Restore Info ======================

04/06/2014 15:46:08 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCAppStoreSvc_{PCAppStore_4.3.1.5732} deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCAppStoreSvc_{PCAppStore_4.3.1.5732} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"DisplayIcon"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"InstallDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\bavhm.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log\Updater.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732\Install]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\Setup]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm64]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-12-19 18_45_29_0370rpdata.dat"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\4.3.1.5732]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\DataReport]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
"ares_BaiDuSafe_RegType"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"Adobe ARM_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"AdobeCS5ServiceManager_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"GrooveMonitor_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"HP Software Update_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"SunJavaUpdateSched_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"SwitchBoard_BaiDuSafe_RegType"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\Setup]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\Bav.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\Bav.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFaster.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFaster.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFPopups.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFPopups.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PcfTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PcfTray.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Bav.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Bav.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\BavTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\BavTray.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFaster.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFaster.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFPopups.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFPopups.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PcfTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PcfTray.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"DisplayIcon"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"Publisher"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"UninstallString"=-
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=-
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\bavhm.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log\Updater.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug\log\BavSvc.exe]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732\Install]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\Setup]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm64]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-12-19 18_45_29_0370rpdata.dat"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu Security not found
C:\Program Files (x86)\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu Security not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus not found
C:\Users\All Users\Baidu Security not found
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus not found
C:\Users\Public\Documents\Baidu S1ecurity not found
C:\Users\Usuarios\AppData\Local\Temp\baidu_secure not found
C:\Users\Usuarios\AppData\Roaming\Baidu Security not found
C:\Users\Usuarios\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall not found
C:\Users\Usuarios\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK not found
C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store not found
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Baidu Security not found
"C:\Users\Public\Desktop\Baidu Antivirus.lnk" not found
"C:\Users\Usuarios\AppData\Local\Temp\Baidu_PCAppStore_4.3.1.5732.exe" not found
"C:\Users\Usuarios\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.41942.exe" not found
"C:\Users\Usuarios\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.1.56634.exe" not found
C:\Users\Public\Documents\Baidu deleted

==== Folders Found ======================

2014-06-04 13:25:51 2014-06-04 13:25:51 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu\Baidu Antivirus
2014-06-04 14:25:32 2014-06-04 14:25:32 -------- d-----w- C:\ProgramData\Baidu
2014-06-04 14:25:32 2014-06-04 14:25:32 -------- d-----w- C:\Users\All Users\Baidu
2013-10-28 15:24:24 2014-05-19 16:46:30 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-06-04 18:19:11 2014-06-04 18:20:03 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-06-04 18:20:03 2014-06-04 18:20:16 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-06-04 18:20:16 2014-06-04 18:20:33 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-06-04 18:20:35 2014-06-04 18:20:35 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-04 18:20:35 2014-06-04 18:20:36 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-06-04 18:20:38 2014-06-04 18:20:38 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-04 18:20:38 2014-06-04 18:28:34 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-06-04 18:20:38 2014-06-04 18:20:40 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security
2014-06-04 18:20:42 2014-06-04 18:20:42 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-06-04 18:20:42 2014-06-04 18:20:42 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-06-04 18:20:42 2014-06-04 18:20:43 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_Baidu PC App Store
2014-06-04 18:20:43 2014-06-04 18:20:43 -------- d---a-w- C:\zoek_backup\C_Windows_SysWOW64_config_systemprofile_AppData_Roaming_Baidu Security
2014-06-04 18:19:11 2014-06-04 18:19:55 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-06-04 18:20:41 2014-06-04 18:20:41 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-06-04 18:20:41 2014-06-04 18:20:41 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=dword:00000001

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4663 folders=794 1601394906 bytes)

==== EOF on 04/06/2014 at 15:49:42,71 ======================

Re: Slow Notebook!!

Post by Power Max on Wed 04 Jun 2014, 18:13

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of this text highlighted in red that I gave you and paste it into the blank space in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan's progress will be displayed. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Fri 20 Jun 2014, 10:52; edited 1 time in total


Re: Slow Notebook!!

Post by Fuçador on Thu 05 Jun 2014, 12:03

Zoek log


Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Usuarios on 05/06/2014 at 11:54:12,35.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documentos - Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-04-142620.log 51930 bytes
C:\zoek-results2014-06-04-184233.log 972382 bytes
C:\zoek-results2014-06-04-184942.log 38738 bytes

==== System Restore Info ======================

05/06/2014 11:54:36 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=-
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Deleting Files \ Folders ======================

C:\ProgramData\Baidu deleted
C:\Users\Public\Documents\Baidu Security deleted

==== Folders Found ======================

2014-06-04 13:25:51 2014-06-04 13:25:51 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu\Baidu Antivirus
2014-06-04 18:19:11 2014-06-04 18:20:03 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-06-04 18:20:03 2014-06-04 18:20:16 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-06-05 14:54:51 2014-06-05 14:54:51 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-06-04 18:20:16 2014-06-04 18:20:33 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-06-04 18:20:35 2014-06-04 18:20:35 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-05 14:54:51 2014-06-05 14:54:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-06-04 18:20:35 2014-06-04 18:20:36 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-06-04 18:20:38 2014-06-04 18:20:38 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-04 18:20:38 2014-06-04 18:28:34 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-06-05 14:54:51 2014-06-05 14:54:51 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-06-04 18:20:38 2014-06-04 18:20:40 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security
2014-06-04 18:20:42 2014-06-04 18:20:42 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-06-04 18:20:42 2014-06-04 18:20:42 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-06-04 18:20:42 2014-06-04 18:20:43 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_Baidu PC App Store
2014-06-04 18:20:43 2014-06-04 18:20:43 -------- d---a-w- C:\zoek_backup\C_Windows_SysWOW64_config_systemprofile_AppData_Roaming_Baidu Security
2014-06-04 18:19:11 2014-06-04 18:19:55 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-06-04 18:20:41 2014-06-04 18:20:41 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-06-04 18:20:41 2014-06-04 18:20:41 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=dword:00000001

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4682 folders=808 1602708603 bytes)

==== EOF on 05/06/2014 at 11:55:23,93 ======================

Re: Slow Notebook!!

Post by Power Max on Thu 05 Jun 2014, 12:54

Temporarily disable your antivirus to avoid conflicts.

* Right-click Zoek.exe and select [You must be registered and logged in to see this image.]

* Select and copy all of this text highlighted in red that I gave you and paste it into the blank space in Zoek.

* Click [Run Script]

* During the scan, a message similar to the one below showing the scan's progress will be displayed. Wait for it to finish... it may take a while!

[You must be registered and logged in to see this image.]

* If a PC restart is requested, click [OK]

* Post the Zoek log, which will be at C:\zoek-results.txt, in your next reply.


Last edited by Power Max on Fri 20 Jun 2014, 10:52; edited 1 time in total


Re: Slow Notebook!!

Post by Fuçador on Mon 09 Jun 2014, 09:21


Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Usuarios on 09/06/2014 at 9:19:50,95.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documentos - Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-04-142620.log 51930 bytes
C:\zoek-results2014-06-04-184233.log 972382 bytes
C:\zoek-results2014-06-04-184942.log 38738 bytes
C:\zoek-results2014-06-05-145523.log 11995 bytes
C:\zoek-results2014-06-05-161146.log 3064 bytes

==== System Restore Info ======================

09/06/2014 09:20:26 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=-
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=dword:00000001

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4682 folders=808 1602708603 bytes)

==== EOF on 09/06/2014 at 9:21:08,55 ======================

Re: Slow Notebook!!

Post by Power Max on Mon 09 Jun 2014, 09:24

Download < ZHPDiag > < [You must be registered and logged in to see this image.]> ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You must be registered and logged in to see this image.]

To install and run it correctly, follow the tips in this article:

Tutorial for installing and running the ZHPDiag application

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


Re: Slow Notebook!!

Post by Fuçador on Mon 09 Jun 2014, 15:48

~ Relatório do ZHPDiag v2014.6.9.87 - Nicolas Coolman (09/06/2014)
~ Iniciado por Usuarios (09/06/2014 15:44:44)
~ Endereço do Website : [Você precisa estar registrado e conectado para ver este link.]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador :


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7601.17514
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5845 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 52 GB (53%) free of 98 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USUARIOS-PC
~ User Name: Usuarios
~ All Users Names: Usuarios, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Usuarios\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Usuarios\AppData\Roaming\
~ %Desktop% : D:\Documentos - Usuário\Desktop\
~ %Favorites% : D:\Documentos - Usuário\Favorites\
~ %LocalAppData% : C:\Users\Usuarios\AppData\Local\
~ %StartMenu% : C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 52 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 303 Go of 368 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/3908
~ Mes musiques (My Musics) : 4/866
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 3/6545
~ Mon Bureau (My Desktop) : 2/392
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.2268]
[MD5.59D9856CD1420E2AF778821B7E1B81D0] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136] [PID.2256]
[MD5.780886BCAA007B434FAEA6B48920AE0E] - (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe [2736128] [PID.2976]
[MD5.6DC177F1626545F087892E73E7609DD0] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [1209904] [PID.3088]
[MD5.7E6ACA6B6C89B7CD098944A9159DAED3] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.3144]
[MD5.98B31CBC09D671DADEB7C92AEF1CBE29] - (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Users\Usuarios\AppData\Roaming\VIVO INTERNET\ouc.exe [110592] [PID.3196]
[MD5.796227FCA947A0B8E3D6A097B27F2363] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088] [PID.3328]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.3524]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.4408]
[MD5.F5546A846F16DB4578DF72F30AACB1FC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8066560] [PID.4264]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1564]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1604]
[MD5.E4FAD21646088D79F8889B6531396ACF] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2012]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.2968]
[MD5.E32686B4E27D11F83E3F2844E104C66C] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920] [PID.1016]
[MD5.EE65488B7294FBCB113EAC9FD492345C] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544] [PID.3696]
[MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.1488]
[MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [366552] [PID.3988]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Usuarios\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [itype] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [ares] . (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [ToolboxFX] . (.Hewlett-Packard Company - HPTLBXFX.) -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [fst_br_71] Chave orfã
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run: [ares] . (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
~ Application: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\EscDomains] http.connectify.me
O15 - Trusted Zone: [HKCU\...\EscDomains] http.fastspring.com
O15 - Trusted Zone: [HKLM\...\EscDomains] http.connectify.me
O15 - Trusted Zone: [HKLM\...\EscDomains] http.fastspring.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D66B2BF-909A-4D31-A23D-BF4239A5B5D0}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CD6B50E-2D4F-4CAC-A240-27BC0467188D}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{2857F260-A30C-43F7-B516-AE3123285738}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{57541131-A8BA-45F2-9D74-310C0319BA3A}: DhcpNameServer = 200.222.0.34 200.202.193.75
O17 - HKLM\System\CCS\Services\Tcpip\..\{83DC84B4-2C84-40AA-83E6-04A59BAD3A7A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D66B2BF-909A-4D31-A23D-BF4239A5B5D0}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{3CD6B50E-2D4F-4CAC-A240-27BC0467188D}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{2857F260-A30C-43F7-B516-AE3123285738}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{57541131-A8BA-45F2-9D74-310C0319BA3A}: DhcpNameServer = 200.222.0.34 200.202.193.75
O17 - HKLM\System\CS1\Services\Tcpip\..\{83DC84B4-2C84-40AA-83E6-04A59BAD3A7A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D66B2BF-909A-4D31-A23D-BF4239A5B5D0}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CD6B50E-2D4F-4CAC-A240-27BC0467188D}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{2857F260-A30C-43F7-B516-AE3123285738}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{57541131-A8BA-45F2-9D74-310C0319BA3A}: DhcpNameServer = 200.222.0.34 200.202.193.75
O17 - HKLM\System\CS2\Services\Tcpip\..\{83DC84B4-2C84-40AA-83E6-04A59BAD3A7A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Claro. OUC (Claro. RunOuc) . (...) - C:\Program Files (x86)\Claro\UpdateDog\ouc.exe (.not file.)
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
~ Services: 12 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [Registry Optimizer] (...) -- C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1AC73584-CB51-42C1-8B40-EFEFCE5CF671}] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{74DCBEE4-C450-4659-BD55-EEFCD05B2A4A}] (...) -- C:\Program Files (x86)\PP™£Ò™\ihelper.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EFD69AFB-7046-4284-805B-CB312AD16E18}] (...) -- c:\users\Usuarios\appdata\local\lollipop\lollipop.bat (.not file.) [0] =>Adware.Lollipop
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1068]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1072]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\HP Photo Creations Communicator [344]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (360AvFlt) . (.360.cn - 360杀毒 文件监控驱动.) - C:\Windows\System32\DRIVERS\360AvFlt.sys
O41 - Driver: (360FltOEM) . (.360.cn - 360HipsOEM.) - C:\Windows\System32\DRIVERS\360FltOEM.sys
O41 - Driver: (Bnbase) . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) - C:\Windows\System32\drivers\bnbasex64.sys
~ Drivers: 72 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.2.6 - (.Seekar Ltd.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Discount Dragon - (.App Squad.) [HKLM][64Bits] -- 38900_Discount Dragon =>PUP.DiscountDragon
O42 - Logiciel: Módulo de Proteção Banco Santander (Brasil) S.A. - (...) [HKLM][64Bits] -- {83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
O42 - Logiciel: Price Meter (remove only) - (.Price Meter.) [HKCU][64Bits] -- Price Meter =>PUP.PriceMeter
O42 - Logiciel: Recibo Grátis versão 2.2 - (.P5 Sistemas.) [HKLM][64Bits] -- {B231FA7F-4CB5-4C83-88CC-8C4D670EEF4C}_is1
O42 - Logiciel: Update for PriceMeter - (.Update for PriceMeter.) [HKCU][64Bits] -- PriceMeterUpdater =>PUP.PriceMeter
O42 - Logiciel: partypoker - (.PartyGaming.) [HKLM][64Bits] -- PartyPoker
~ Logic: 30 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\Baidu Security]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKCU\Software\GbAs]
[HKCU\Software\PartyGaming]
[HKCU\Software\PriceMeter] =>PUP.PriceMeter
[HKCU\Software\Teiron]
[HKCU\Software\gooternet]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\AdvertisingSupport] =>PUP.AdvertisingSupport
[HKLM\Software\Wow6432Node\Discount Dragon] =>PUP.DiscountDragon
~ Key Software: 257 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/12/2013 - 21:03:35 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 08/05/2014 - 19:42:17 - [] ----D C:\Program Files (x86)\gooternet
O43 - CFD: 30/03/2014 - 18:46:43 - [] ----D C:\Program Files (x86)\OI
O43 - CFD: 29/05/2014 - 20:39:31 - [] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 10/12/2013 - 10:47:45 - [] ----D C:\Program Files (x86)\PPÖúÊÖ
O43 - CFD: 29/03/2014 - 21:05:06 - [] ----D C:\Program Files (x86)\VIVO INTERNET
O43 - CFD: 30/03/2014 - 18:46:43 - [] ----D C:\ProgramData\OI
O43 - CFD: 28/10/2013 - 12:38:53 - [] ----D C:\Users\Usuarios\AppData\Roaming\360Safe
O43 - CFD: 19/01/2014 - 08:55:57 - [] ----D C:\Users\Usuarios\AppData\Roaming\cef-cache
O43 - CFD: 19/01/2014 - 08:55:44 - [] ----D C:\Users\Usuarios\AppData\Roaming\Party
O43 - CFD: 13/04/2014 - 02:49:59 - [] ----D C:\Users\Usuarios\AppData\Roaming\VIVO INTERNET
O43 - CFD: 16/12/2013 - 21:03:37 - [] ----D C:\Users\Usuarios\AppData\Local\Ares
O43 - CFD: 04/06/2014 - 00:20:33 - [] ----D C:\Users\Usuarios\AppData\Local\PokerStars
~ Program Folder: 166 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.1E4A1B03D1B6CD8A174A826F76E009F4] - 03/06/2014 - 23:28:39 ---A- . (...) -- C:\InjectIntoProcess crash [16]
O44 - LFC:[MD5.1D3E1E57E635643597F0FFC3142C69AE] - 04/06/2014 - 11:31:39 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147838]
O44 - LFC:[MD5.4228148285899D00C31402DEC62CCA33] - 04/06/2014 - 11:31:39 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [707592]
O44 - LFC:[MD5.B8B702562BE750DE53093AC8282D5F97] - 04/06/2014 - 15:42:33 ---A- . (...) -- C:\zoek-results2014-06-04-184233.log [972382]
O44 - LFC:[MD5.3FF5C5479E5488F04E5E774A9D38CCA5] - 04/06/2014 - 15:49:42 ---A- . (...) -- C:\zoek-results2014-06-04-184942.log [38738]
O44 - LFC:[MD5.24B9F801E1DD1263C22FFB976AED1835] - 05/06/2014 - 11:55:23 ---A- . (...) -- C:\zoek-results2014-06-05-145523.log [11995]
O44 - LFC:[MD5.471288802840B7E9074600314C605416] - 05/06/2014 - 13:11:46 ---A- . (...) -- C:\zoek-results2014-06-05-161146.log [3064]
O44 - LFC:[MD5.7A48DFB68DB40AE2061DDE4A9DBBEEB4] - 09/06/2014 - 09:21:08 ---A- . (...) -- C:\zoek-results.log [3113]
~ Files: 15 Legitimates Filtered in 00mn 01s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{132c39e2-5f4e-11e3-95f6-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{1e0dca16-b46a-11e3-a1e4-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{2070b17d-a608-11e3-b3d7-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{2070b23c-a608-11e3-b3d7-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{225a4a9c-a949-11e3-8954-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{2e75b08b-aadf-11e3-ac39-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{372e8ba2-6197-11e3-83b4-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{372e8bc1-6197-11e3-83b4-e81132bedde8}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
O51 - MPSK:{372e8bca-6197-11e3-83b4-e81132bedde8}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
O51 - MPSK:{3c2658d1-7779-11e3-b354-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{3c265a96-7779-11e3-b354-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{3c265aa3-7779-11e3-b354-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{4193c519-7073-11e3-bca8-50b7c3023803}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{4196f032-81c2-11e3-9146-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{5dd99402-7eb4-11e3-9e7f-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{5dd9940c-7eb4-11e3-9e7f-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{68b14fdc-4af5-11e3-94f4-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{68b14fea-4af5-11e3-94f4-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{74800af7-6aff-11e3-9cbe-50b7c3023803}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{798fdd6d-b807-11e3-9d2e-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{8beec811-359f-11e3-bf6a-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{8beec820-359f-11e3-bf6a-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{8beec8d6-359f-11e3-bf6a-e81132bedde8}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{8beec8f9-359f-11e3-bf6a-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9d430e7a-b6b5-11e3-9ba9-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9e980c5b-b5cb-11e3-a883-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9e980c9c-b5cb-11e3-a883-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9e980ca9-b5cb-11e3-a883-e81132bedde8}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{b5e08800-8749-11e3-9b18-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c2f6ec21-7bda-11e3-8cf2-806e6f6e6963}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c2f6ec75-7bda-11e3-8cf2-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c2f6eca8-7bda-11e3-8cf2-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c2f6ecfd-7bda-11e3-8cf2-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244847-b45a-11e3-8473-50b7c3023803}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244858-b45a-11e3-8473-50b7c3023803}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244866-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244876-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244881-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244896-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df2448a4-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 1 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/10/2013 - 10:10:00 R--A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [71360]
O58 - SDL:24/10/2013 - 11:26:20 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [289952]
O58 - SDL:16/08/2013 - 12:34:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:16/08/2013 - 12:34:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:16/08/2013 - 12:34:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175] =>.ALWIL Software
O58 - SDL:16/05/2014 - 05:10:13 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [56640]
O58 - SDL:16/05/2014 - 05:10:14 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [37696]
O58 - SDL:16/05/2014 - 05:10:40 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\Bnbasex.sys [91616]
O58 - SDL:16/05/2014 - 05:10:40 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\bnbasex64.sys [91616]
O58 - SDL:16/05/2014 - 05:10:42 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\Bndef.sys [70912]
O58 - SDL:16/05/2014 - 05:10:42 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\bndef64.sys [70912]
O58 - SDL:16/05/2014 - 05:10:47 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [142592]
O58 - SDL:10/12/2013 - 09:20:32 ---A- . (.Connectify - NDISRD helper driver.) -- C:\Windows\System32\Drivers\cnnctfy3.sys [35352]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:07/06/2012 - 15:01:16 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [293712]
O58 - SDL:08/10/2010 - 05:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [32768]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:05/08/2010 - 20:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [1001472]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 80 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 31/10/2013 - C:\Windows\System32\DRIVERS\360AvFlt.sys (360AvFlt) .(.360.cn - 360杀毒 文件监控驱动.) - LEGACY_360AVFLT
O64 - Services: CurCS - 24/10/2013 - C:\Windows\System32\DRIVERS\360FltOEM.sys (360FltOEM) .(.360.cn - 360HipsOEM.) - LEGACY_360FLTOEM
O64 - Services: CurCS - 16/05/2014 - C:\Windows\System32\drivers\bnbasex64.sys (Bnbase) .(.Baidu, Inc. - Baidu Antivirus NetBase Driver.) - LEGACY_BNBASE
~ Legacy: 83 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [You need to be registered and logged in to see this link.]
O69 - SBI: SearchScopes [HKCU] {92001F8A-C36B-473A-91E7-5BE0C81CF2B3} - (PSafe ClikSeguro) - [You need to be registered and logged in to see this link.]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.5AA514950B9E2FB3973BEB10F492B64C] [SPRF][14/04/2014] (...) -- C:\Users\Usuarios\AppData\Roaming\unins000.dat [62194]
[MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][04/06/2014] (...) -- D:\Documentos - Usuário\Desktop\AdwCleaner.exe [1327971]
[MD5.69E084E01AB3CB043D0FD361056B277B] [SPRF][04/02/2014] (...) -- D:\Documentos - Usuário\Desktop\evasi0n7.exe [19083278]
[MD5.16C317F08A0E24F8A059192F3AB7BC7B] [SPRF][11/04/2014] (...) -- D:\Documentos - Usuário\Desktop\SUP_S922_V1.09.11830_20140411.bin [3169264]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][04/06/2014] (...) -- D:\Documentos - Usuário\Desktop\zoek.exe [1285120]
~ Files: 7 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseSmartSetup_RASAPI32 =>PUP.BrowseSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseSmartSetup_RASMANCS =>PUP.BrowseSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseSmart_Setup_RASAPI32 =>PUP.BrowseSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseSmart_Setup_RASMANCS =>PUP.BrowseSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_antivirus_1302-27bc6a41_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_antivirus_1302-27bc6a41_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_0702-81cfb2ef_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_0702-81cfb2ef_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_Setup_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_Setup_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_Setup_2_RASAPI32 =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_Setup_2_RASMANCS =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_awesomehp_installer_multilang_RASAPI32 =>PUP.Awesomehp
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_awesomehp_installer_multilang_RASMANCS =>PUP.Awesomehp
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASMANCS =>PUP.Melondrea
~ BTK: 320 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{BE496A80-8F51-461F-B3D7-88A258A60541}] (Discount Dragon) =>PUP.DiscountDragon
~ BCK: 4424 Legitimates Filtered in 00mn 03s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 10/07/1658 0 | (Claro. RunOuc) . (...) - C:\Program Files (x86)\Claro\UpdateDog\ouc.exe
SS - | Demand 22/03/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 09/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 12/04/2010 142336 | (HP LaserJet Service) . (.HP.) - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 13/04/2007 792112 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Disabled 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 14/03/2011 346976 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 12/03/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Demand 01/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Demand 16/05/2007 271920 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SR - | Auto 30/11/2010 336824 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 05s



---\\ Scâner Aditional (088)
Database Version : 13026 - (09/06/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 5

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\38900_Discount Dragon] =>PUP.DiscountDragon^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Meter] =>PUP.PriceMeter^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceMeterUpdater] =>PUP.PriceMeter^
[HKCU\Software\PartyGaming] =>Casino.OnlineGames
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKCU\Software\PriceMeter] =>PUP.PriceMeter^
[HKLM\Software\Wow6432Node\AdvertisingSupport] =>PUP.AdvertisingSupport^
[HKLM\Software\Wow6432Node\Discount Dragon] =>PUP.DiscountDragon^
[HKCR\CLSID\{BE496A80-8F51-461F-B3D7-88A258A60541}] (Discount Dragon) =>PUP.DiscountDragon^
~ Additionnel Scan: 303222 Items scanned in 00mn 22s



---\\ Informações complémentaires do módulos
~ [You need to be registered and logged in to see this link.] =>.Google Chrome, Extensions (G2)
~ [You need to be registered and logged in to see this link.] =>.Internet Explorer, Proxy Management (R5)
~ AMI: 2 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[You need to be registered and logged in to see this link.] =>Adware.Lollipop
[You need to be registered and logged in to see this link.] =>PUP.PriceMeter
[You need to be registered and logged in to see this link.] =>Toolbar.Forumer
[You need to be registered and logged in to see this link.] =>PUP.BrowseSmart
[You need to be registered and logged in to see this link.] =>PUP.Melondrea
[You need to be registered and logged in to see this link.] =>PUP.Mobogenie
[You need to be registered and logged in to see this link.] =>PUP.Awesomehp
[You need to be registered and logged in to see this link.] =>PUP.Tarma
[You need to be registered and logged in to see this link.] =>Trojan.Lozavita
~ MSI: 9 link(s) detected in 00mn 00s



~ 720 Legitimates filtered by white list
End of the scan (564 lines in 01mn 21s)(0)

Re: Slow Notebook!!

Post by Power Max on Mon 09 Jun 2014, 19:34

There are unnecessary programs starting along with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

Choosing Which Programs Start with the PC

Preferably, leave only the security programs (antivirus/anti-spyware/firewall) starting along with Windows.

Also use the program CCleaner, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.
__________________________________________________________________________________________________________________

Download UsbFix from this link (when you open the page, click the button shown in this image, at the bottom right of the page, to download it):
[You need to be registered and logged in to see this image.]

Use UsbFix as shown in this post:

UsbFix Tutorial
____________________________________________________________________________________________________________________

Download the McShield Anti-Malware Tool

Install it and use it following the tips in this tutorial:

Eliminate malware coming from USB flash drives with the McShield Anti-Malware Tool
_________________________________________________________________________________________________________________________

Select and copy all the text highlighted in red that I gave you.
_____________________________________________________________________________________________________________

Go to the menu: Start > All Programs > ZHP > Right-click ZHPFix and choose Run as administrator > Click Importação > Click the GO button > Click Oui > If you want the files in the Recycle Bin to be deleted, click Oui again > A report will appear in Notepad.

Copy this report and post it in your next reply together with the report from the McShield Anti-Malware Tool, which will be named MCShield-AllScans.txt and will be on the Desktop of your PC, and also the UsbFix log (report), which will be at C:\UsbFix.txt


Last edited by Power Max on Fri 20 Jun 2014, 10:54; edited 1 time in total

_________________

Caixa de Dicas
= Always with new tutorials and news on computing, technology and miscellany.

Fórum PC Brasil = The best of the internet, you will find it here.

Super Links = Messages of faith and hope for your heart

Re: Slow Notebook!!

Post by Fuçador on Thu 12 Jun 2014, 12:26

it gave this error

Re: Slow Notebook!!

Post by Fuçador on Thu 12 Jun 2014, 12:36

this UsbFix log is from a search scan
############################## | UsbFix V 7.171 | [Pesquisa]

Usuário: Usuarios (Administrador) # USUARIOS-PC
Atualizado em 09/06/2014 por El Desaparecido - SosVirus
Começou em 12:31:19 | 12/06/2014

Site : [You need to be registered and logged in to see this link.]
Changelog : [You need to be registered and logged in to see this link.]
Asistencia : [You need to be registered and logged in to see this link.]
Upload Malware : [You need to be registered and logged in to see this link.]
Contato : [You need to be registered and logged in to see this link.]

PC: SAMSUNG ELECTRONICS CO., LTD. (NP500P4C-AD2BR)
CPU: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
RAM -> [Total : 5846 Mo| Free : 4010 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 8.0.7601.17514
WB: Google Chrome : 35.0.1916.114

SC: Security Center [Enabled]
WU: Windows Update [(!) Disabled]
AS: Windows Defender [Enabled | (!) Outdated]
FW: Windows FireWall [Enabled]

C:\ (%SystemDrive%) -> Disco fixo # 98 Gb (47 Mb livre - 48%) [] # NTFS
D:\ -> Disco fixo # 368 Gb (304 Mb livre - 83%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disco removível # 4 Gb (3 Mb livre - 69%) [] # FAT32
G:\ -> Disco removível # 15 Gb (6 Mb livre - 39%) [KINGSTON] # FAT32
H:\ -> Disco removível # 4 Gb (4 Mb livre - 100%) [DADOS] # FAT

################## | Processos Ativos |

C:\Windows\System32\smss.exe (ID: 352|ParentID: 4|SISTEMA)
C:\Windows\System32\csrss.exe (ID: 516|ParentID: 480|SISTEMA)
C:\Windows\System32\csrss.exe (ID: 628|ParentID: 616|SISTEMA)
C:\Windows\System32\wininit.exe (ID: 636|ParentID: 480|SISTEMA)
C:\Windows\System32\winlogon.exe (ID: 672|ParentID: 616|SISTEMA)
C:\Windows\System32\services.exe (ID: 732|ParentID: 636|SISTEMA)
C:\Windows\System32\lsass.exe (ID: 740|ParentID: 636|SISTEMA)
C:\Windows\System32\lsm.exe (ID: 748|ParentID: 636|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 848|ParentID: 732|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 924|ParentID: 732|SERVIÇO DE REDE)
C:\Windows\System32\svchost.exe (ID: 1016|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\svchost.exe (ID: 372|ParentID: 732|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 388|ParentID: 732|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 512|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\svchost.exe (ID: 1084|ParentID: 732|SERVIÇO DE REDE)
C:\Windows\System32\svchost.exe (ID: 1192|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\dwm.exe (ID: 1980|ParentID: 372|Usuarios)
C:\Windows\System32\svchost.exe (ID: 2136|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\svchost.exe (ID: 3256|ParentID: 732|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 4048|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\svchost.exe (ID: 5060|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\wbem\WmiPrvSE.exe (ID: 688|ParentID: 848|SISTEMA)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 3412|ParentID: 732|SISTEMA)
C:\Windows\System32\rundll32.exe (ID: 3328|ParentID: 848|Usuarios)
C:\Windows\System32\WUDFHost.exe (ID: 4392|ParentID: 372|SERVIÇO LOCAL)
C:\Windows\explorer.exe (ID: 2244|ParentID: 4524|Usuarios)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2760|ParentID: 732|SERVIÇO DE REDE)
C:\Windows\System32\SearchIndexer.exe (ID: 3432|ParentID: 732|SISTEMA)
C:\Windows\System32\SearchProtocolHost.exe (ID: 932|ParentID: 3432|SISTEMA)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1604|ParentID: 732|SISTEMA)
C:\Windows\System32\spoolsv.exe (ID: 1708|ParentID: 732|SISTEMA)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3476|ParentID: 2244|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4196|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3504|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1736|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4508|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1836|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4332|ParentID: 3476|Usuarios)
C:\Windows\System32\taskeng.exe (ID: 4624|ParentID: 388|Usuarios)
C:\Windows\System32\SearchFilterHost.exe (ID: 3460|ParentID: 3432|SISTEMA)
C:\UsbFix\UsbFix.exe (ID: 4368|ParentID: 3000|Usuarios)
C:\Windows\System32\wbem\WmiPrvSE.exe (ID: 5048|ParentID: 848|SERVIÇO DE REDE)

################## | Autorun |


################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Procura genérica |


################## | Registro |


################## | E.O.F | [You need to be registered and logged in to see this link.] | [You need to be registered and logged in to see this link.] |

Re: Slow Notebook!!

Post by Power Max on Thu 12 Jun 2014, 12:53

You missed running ZHPFix as I told you and posting its log.


Re: Slow Notebook!!

Post by Fuçador on Mon 16 Jun 2014, 09:27

ZHPFix report

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Usuarios at 16/06/2014 09:26:24
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
360AVFLT Parado
360FLTOEM Parado
BNBASE Parado

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bnbasex.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bnbasex64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bndef.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bndef64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (23) (3.932.133 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
6 : Valores do Registo
1 : Pastas
9 : Ficheiros
3 : Estado dos serviços
1 : Restauração Sistema


End of clean in 00mn 19s

========== Caminho do ficheiro do relatório ==========
C:\Users\Usuarios\AppData\Roaming\ZHP\ZHPFix[R1].txt - 12/06/2014 13:26:45 [4420]
C:\Users\Usuarios\AppData\Roaming\ZHP\ZHPFix[R2].txt - 16/06/2014 09:26:26 [1664]

Re: Slow Notebook!!

Post by Fuçador on Mon 16 Jun 2014, 09:30

It is much better; windows stopped popping up in the browsers, and so did something called Regytrer optimyzer that was also freezing things up.
It's running perfectly, that's it!

Re: Slow Notebook!!

Post by Power Max on Mon 16 Jun 2014, 09:30

Restart the PC so that ZHP can complete its cleanup.

After the PC has restarted, do the following:

Open ZHPDiag again

|- Click "SEARCH" or "PESQUISAR" and wait for it to finish.

|- Click OK and, when it finishes, post the ZHPDiag.txt report


Re: Slow Notebook!!

Post by Fuçador on Mon 16 Jun 2014, 10:22

A message appears when I go to search, saying that I need to update ZHPDiag.
Do I just download it again?

Re: Slow Notebook!!

Post by Power Max on Mon 16 Jun 2014, 10:27

That is because a new version of it was released. Go to the Windows Control Panel and uninstall ZHP and/or ZHPDiag. After that, download < ZHPDiag > ( ... by Nicolas Coolman )

Note: When you open the link above, click the Télécharger button for ZHPDiag to download it, as shown in the image below:

[You need to be registered and logged in to see this image.]

To install and run it correctly, follow the tips in this article:

Tutorial for installing and running the ZHPDiag application

* As soon as it finishes its scan, copy the entire contents of its ZHPDiag.txt report and post it in your next reply.


Re: Slow Notebook!!

Post by Fuçador on Mon 16 Jun 2014, 11:33

now it gives this error