Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.
Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14806 usuários registrados
O último membro registrado é King empero

Os nossos membros postaram um total de 36043 mensagens em 3684 assuntos
Últimos assuntos
» Possíveis vírus
por joram Sex 15 Mar 2024, 19:05

Quem está conectado?
15 usuários online :: 0 registrados, 0 invisíveis e 15 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 


Rechercher Pesquisa avançada

março 2024
SegTerQuaQuiSexSábDom
    123
45678910
11121314151617
18192021222324
25262728293031

Calendário Calendário


Notebook Lento!!

2 participantes

Página 1 de 2 1, 2  Seguinte

Ir para baixo

Notebook Lento!! Empty Notebook Lento!!

Mensagem por Fuçador Seg 02 Jun 2014, 12:11

até o mouse ta lento,segue o log do hijackthis,esse é outro notbook

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:10:40, on 02/06/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Ares\Ares.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeterw.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Users\Usuarios\AppData\Roaming\VIVO INTERNET\ouc.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Bench\BService\bservice.exe
C:\Program Files (x86)\Bench\Wd\wd.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Documentos - Usuário\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 54.204.28.26 nikdaiaidiiiogaidkkekcmokcgcdeac
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Discount Dragon BHO - {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} - C:\Program Files (x86)\Discount Dragon\FrameworkBHO.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ToolboxFX] "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BService] C:\Program Files (x86)\Bench\BService\bservice.exe
O4 - HKLM\..\Run: [Wd] C:\Program Files (x86)\Bench\Wd\wd.exe
O4 - HKLM\..\RunOnce: [Discount Dragon-repairJob] wscript.exe "C:\Users\Usuarios\AppData\Local\Discount Dragon\repair.js" "Discount Dragon-repairJob"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Usuarios\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [PriceMeterW] "C:\Users\Usuarios\AppData\Local\PriceMeter\pricemeterw.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] "C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe"
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O15 - ESC Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - ESC Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - ESC Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (HKLM)
O15 - ESC Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D66B2BF-909A-4D31-A23D-BF4239A5B5D0}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CD6B50E-2D4F-4CAC-A240-27BC0467188D}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Claro. OUC (Claro. RunOuc) - Unknown owner - C:\Program Files (x86)\Claro\UpdateDog\ouc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Baidu PC App Store Service 4.3.1.5732 (PCAppStoreSvc_{PCAppStore_4.3.1.5732}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC App Store\4.3.1.5732\PCAppStoreSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 x64 (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12870 bytes
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Seg 02 Jun 2014, 12:44

Baixe o programa Adwcleaner clicando no link abaixo e depois clique no botão Download Now @BleepingComputer:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o AdwCleaner é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Qua 04 Jun 2014, 10:31

relatorio do adwcleaner
quero remover qualquer coisa relacionada ao Baidu

# AdwCleaner v3.211 - Relatório criado 04/06/2014 às 10:25:51
# Atualizado 26/05/2014 por Xplode
# Sistema Operacional : Windows 7 Professional Service Pack 1 (64 bits)
# Usuário : Usuarios - USUARIOS-PC
# Executando de : D:\Documentos - Usuário\Desktop\AdwCleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
[!] Pasta Deletada : C:\ProgramData\Claro
Pasta Deletada : C:\ProgramData\PriceMeterLiveUpdate
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Registry Optimizer
Pasta Deletada : C:\Program Files (x86)\Bench
Pasta Deletada : C:\Program Files (x86)\BonanzaDeals
Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\Claro
Pasta Deletada : C:\Program Files (x86)\Discount Dragon
Pasta Deletada : C:\Program Files (x86)\IminentToolbar
Pasta Deletada : C:\Program Files (x86)\predm
Pasta Deletada : C:\Program Files (x86)\PriceMeterLiveUpdate
Pasta Deletada : C:\Program Files (x86)\WinZip Registry Optimizer
Pasta Deletada : D:\Documentos - Usuário\Documents\Mobogenie
Pasta Deletada : C:\Users\Usuarios\AppData\Local\BenchUpdater
Pasta Deletada : C:\Users\Usuarios\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Discount Dragon
Pasta Deletada : C:\Users\Usuarios\AppData\Local\genienext
Pasta Deletada : C:\Users\Usuarios\AppData\Local\lollipop
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Mysearchdial
Pasta Deletada : C:\Users\Usuarios\AppData\Local\PriceMeter
Pasta Deletada : C:\Users\Usuarios\AppData\Local\PriceMeterLiveUpdate
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Temp\apn
Pasta Deletada : C:\Users\Usuarios\AppData\LocalLow\IminentToolbar
Pasta Deletada : C:\Users\Usuarios\AppData\LocalLow\Mysearchdial
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\0F1F1C2Y1H1P1C0I0T
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Claro
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Funmoods
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\IminentToolbar
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Mysearchdial
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\OpenCandy
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\PriceMeterUpdater
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\UpdaterEX
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discount Dragon
Pasta Deletada : C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
Pasta Deletada : C:\Users\wangjihua\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\wangzhisong\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikdaiaidiiiogaidkkekcmokcgcdeac
Arquivo Deletada : C:\Windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Usuarios\daemonprocess.txt
Arquivo Deletada : C:\Users\Usuarios\AppData\Local\mysearchdial-speeddial.crx
Arquivo Deletada : C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Arquivo Deletada : C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Arquivo Deletada : C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage
Arquivo Deletada : C:\Windows\Tasks\bench-sys.job
Arquivo Deletada : C:\Windows\System32\Tasks\bench-sys
Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
Arquivo Deletada : C:\Windows\Tasks\Funmoods.job
Arquivo Deletada : C:\Windows\System32\Tasks\Funmoods
Arquivo Deletada : C:\Windows\Tasks\MySearchDial.job
Arquivo Deletada : C:\Windows\System32\Tasks\MySearchDial
Arquivo Deletada : C:\Windows\System32\Tasks\pricemetertask
Arquivo Deletada : C:\Windows\Tasks\PriceMeterUpdater.job
Arquivo Deletada : C:\Windows\System32\Tasks\PriceMeterUpdater
Arquivo Deletada : C:\Windows\System32\Tasks\pricemeterwatcher
Arquivo Deletada : C:\Windows\Tasks\UpdaterEX.job
Arquivo Deletada : C:\Windows\System32\Tasks\UpdaterEX

***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Chave Deletedo : HKCU\Software\Classes\Applications\lollipop.exe
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PriceMeterW]
Chave Deletedo : HKLM\SOFTWARE\Classes\AmiBs.Installer
Chave Deletedo : HKLM\SOFTWARE\Classes\AmiBs.Installer.1
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Lollipop_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseSmart_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseSmart_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseSmart_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BService]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Wd]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_zello_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_zello_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFBB88A9-C663-4B9B-9170-70FA0A5A2786}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{112BA211-334C-4A90-90EC-2AD1CDAB287C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FAFD711-ABF9-4F6A-8130-5166C7371427}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{392DE650-A1E6-4FB3-A5A4-21285DE225BD}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA34C851-D481-49F5-A356-3A8B0A8F3B7E}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Valor Deletedo : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Chave Deletedo : HKCU\Software\BonanzaDealsLive
Chave Deletedo : HKCU\Software\Iminent
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\mysearchdial
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\TutoTag
Chave Deletedo : HKCU\Software\UpdaterEX
Chave Deletedo : HKCU\Software\AppDataLow\Software
Chave Deletedo : HKLM\Software\Bench
Chave Deletedo : HKLM\Software\BonanzaDealsLive
Chave Deletedo : HKLM\Software\free_soft_to_day
Chave Deletedo : HKLM\Software\Iminent
Chave Deletedo : HKLM\Software\mysearchdial
Chave Deletedo : HKLM\Software\Tutorials
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Chave Deletedo : [x64] HKLM\SOFTWARE\Iminent

***** [ Navegadores ] *****

-\\ Internet Explorer v8.0.7601.17514

Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v35.0.1916.114

[ Arquivo : C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Search Provider] : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Deletedo [Extension] : nikdaiaidiiiogaidkkekcmokcgcdeac
Deletedo [Extension] : pflphaooapbgpeakohlggbpidpppgdff

*************************

AdwCleaner[R0].txt - [24446 octets] - [04/06/2014 10:24:32]
AdwCleaner[S0].txt - [22867 octets] - [04/06/2014 10:25:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22928 octets] ##########
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Qua 04 Jun 2014, 10:34

Baixe o programa Junkware Removal Tool no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Para executar corretamente o programa acima é só seguir as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste o log (relatório) do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt

Ficamos na espera.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Qua 04 Jun 2014, 10:54

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Usuarios on 04/06/2014 at 10:46:38,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricemeterd_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricemeterd_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PriceMeterUpdateVer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PriceMeterUpdateVer_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricemeterd_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricemeterd_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PriceMeterUpdateVer_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PriceMeterUpdateVer_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Usuarios\AppData\Roaming\getrighttogo"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/06/2014 at 10:53:02,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Qua 04 Jun 2014, 10:55

Desative temporariamente seu antivírus para evitar conflitos.

 Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sex 20 Jun 2014, 10:51, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Qua 04 Jun 2014, 11:36


Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Usuarios on 04/06/2014 at 11:04:02,11.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documentos - Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

04/06/2014 11:04:47 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Usuarios\AppData\Roaming\TomTom\HOME\Profiles\xo856ns1.default\prefs.js:

Added to C:\Users\Usuarios\AppData\Roaming\TomTom\HOME\Profiles\xo856ns1.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\Usuarios\.android deleted
C:\Users\Usuarios\AppData\Roaming\ihelper deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\Users\Usuarios\AppData\Local\cache deleted
C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
C:\Windows\tasks\Registry Optimizer_DEFAULT.job deleted
C:\Windows\tasks\Registry Optimizer_UPDATES.job deleted
C:\windows\SysNative\tasks\bench-S-1-5-21-4267606759-60028879-2698333463-1000 deleted
C:\Windows\tasks\bench-S-1-5-21-4267606759-60028879-2698333463-1000.job deleted
C:\Users\wangjihua deleted
C:\Users\wangzhisong deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Usuarios\AppData\Roaming\unins000.exe deleted

==== Folders Found ======================

2014-06-04 13:25:51 2014-06-04 13:25:51 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu\Baidu Antivirus
2013-10-28 15:24:22 2014-05-19 16:46:30 -------- d-----w- C:\Program Files (x86)\Baidu Security
2013-10-28 15:24:32 2014-06-04 13:38:17 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2013-10-28 15:24:22 2014-03-05 10:25:45 -------- d-----w- C:\ProgramData\Baidu Security
2013-12-24 07:50:35 2013-12-24 07:50:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2013-10-28 15:24:22 2014-03-05 10:25:45 -------- d-----w- C:\Users\All Users\Baidu Security
2013-12-24 07:50:35 2013-12-24 07:50:36 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-09 05:14:36 2014-04-09 05:14:36 -------- d-----w- C:\Users\Public\Documents\Baidu
2013-10-28 15:24:24 2014-05-19 16:46:30 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2013-12-24 07:44:13 2013-12-24 07:44:13 -------- d-----w- C:\Users\Usuarios\AppData\Local\Temp\baidu_secure
2013-10-28 15:24:43 2014-05-19 14:26:56 -------- d-----w- C:\Users\Usuarios\AppData\Roaming\Baidu Security
2013-12-20 13:50:57 2013-12-20 13:50:57 -------- d-----w- C:\Users\Usuarios\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2013-12-20 13:50:58 2013-12-20 13:50:58 -------- d-----w- C:\Users\Usuarios\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK
2014-05-19 16:46:31 2014-05-19 16:46:34 -------- d-----w- C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store
2014-05-19 16:46:31 2014-05-19 16:46:31 -------- d-----w- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Baidu Security

==== Files Found ======================


--- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-09-22 07:32:04
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-09-22 07:32:04
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1176
Created time: 2013-12-24 07:50:35
Modified time: 2014-04-09 05:15:33
MD5: 2A5D2A3E1B2BE433B37CF6160B775823
SHA1: 7BA0A73E924A561DE01F6592C1C57BF6FFE2D320


--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1176
Created time: 2013-12-24 07:50:35
Modified time: 2014-04-09 05:15:33
MD5: 2A5D2A3E1B2BE433B37CF6160B775823
SHA1: 7BA0A73E924A561DE01F6592C1C57BF6FFE2D320


--- C:\Users\Public\Desktop\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1158
Created time: 2013-12-24 07:50:37
Modified time: 2014-04-09 05:15:34
MD5: 644227CA50207162AECBC2307D5052E8
SHA1: 13441479826E8C25060D4DE28701409F54B6CEF8


--- C:\Users\Usuarios\AppData\Local\Temp\Baidu_PCAppStore_4.3.1.5732.exe ---
Company: Baidu, Inc.
File Description: PC App Store Setup
File Version: 4.3.1.5732
Product Name: PC App Store
Copyright: Copyright (C) 2012 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 19358464
Created time: 2014-05-19 14:27:08
Modified time: 2014-05-19 14:27:08
MD5: E477198EFBFE8D5E2F9DA1D308C4CB35
SHA1: 44BD38A9C2D24B95D53E83D3A5AA869C790EE566


--- C:\Users\Usuarios\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.41942.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 3.7.1.41942
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 10485488
Created time: 2013-12-14 23:17:43
Modified time: 2013-12-14 23:17:43
MD5: FCDDA1F1EE22BB14060FD553CB3A4048
SHA1: 06D14594FFE985E1E529EE87B3E2AAA04F937F02


--- C:\Users\Usuarios\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.1.56634.exe ---
Company: Baidu, Inc.
File Description: PC Faster Setup
File Version: 4.0.1.56634
Product Name: Baidu PC Faster
Copyright: Copyright (C) 2013 Baidu, Inc. All Rights Reserved.
Original Filename:
File type: ----a-w-
File size: 18605480
Created time: 2014-01-31 22:54:01
Modified time: 2014-01-31 22:54:01
MD5: BACBCAE5F50EDD4601DB00CBDA7AF191
SHA1: 22F8B3663BB270BD99B2CA866A9FDB3C0A56683F


--- C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Cookies\usuarios@baidu[1].txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 104
Created time: 2014-04-06 18:17:10
Modified time: 2014-04-06 18:17:10
MD5: 6E5C43C85343D42D1707BC165EA4EB5D
SHA1: A332658149D6B124EE52DB686D4C133005C8E8BB


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3430
Created time: 2014-06-04 14:12:53
Modified time: 2014-04-09 05:15:37
MD5: EF41D1079A1BD90B38780C9AF29308B3
SHA1: 465F72B3B2D12282430B5EC912C66A01F1E4AA82


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"="http://sync.br.bav.baidu.com/cgi-bin/report_uu_msg_bavv2.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-01-31 01-07-00-0173-[18677].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-01-31 01-07-00-0173-[18677].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-10 02-47-37-0502-[29302].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-10 02-35-54-0746-[6740].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-11 02-22-18-0403-[16577].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-18 02-07-00-0135-[30022].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-02-27 02-41-53-0632-[20267].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-27 02-42-11-0947-[20326].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFPopups-2014-02-28 02-41-53-0647-[16012].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-02-28 02-42-14-0755-[16080].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-05 03-24-41-0445-[7592].tmp"=""

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PcfTray-2014-03-07 03-54-43-0535-[32469].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-15 03-18-11-0232-[2976].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-Updater-2014-03-17 03-18-36-0908-[10293].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PCFasterSvc-2014-03-17 03-44-44-0996-[17914].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

"C:\\ProgramData\\Baidu Security\\RpData\\rpFile-PcfTray-2014-03-17 03-45-21-0190-[18035].tmp"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"="Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"="http://antivirus.baidu.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"DisplayIcon"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.3.1.5732\\PCAppStore.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"UninstallString"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.3.1.5732\\Uninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\PC App Store\\4.3.1.5732"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Translator.exe,-201"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Translator.exe\" \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"="Baidu PC App Store Service 4.3.1.5732"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\bavhm.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log\Updater.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug\log]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug\log\BavSvc.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732\Install]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm64]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-12-19 18_45_29_0370rpdata.dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"="^http\\:\\/\\/www\\.baidu\\.com\\/.*"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\4.3.1.5732]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\DataReport]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
"ares_BaiDuSafe_RegType"=dword:00000002

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"Adobe ARM_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"AdobeCS5ServiceManager_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"GrooveMonitor_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"HP Software Update_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"SunJavaUpdateSched_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"SwitchBoard_BaiDuSafe_RegType"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\Bav.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFaster.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFPopups.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFPopups.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PcfTray.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PcfTray.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Bav.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\BavTray.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFaster.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFPopups.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFPopups.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PcfTray.exe]
"Path"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PcfTray.exe"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"DisplayIcon"="\"C:\\Users\\Usuarios\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1106.exe\""

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"Publisher"="Baidu Online Network Technology (Beijing) Co., Ltd."

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"UninstallString"="\"C:\\Users\\Usuarios\\AppData\\Roaming\\baidu\\hao123-br\\hao123.1.0.0.1106.exe\" -uninstall"

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=dword:00000001

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\bavhm.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log\Updater.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug\log]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug\log\BavSvc.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732\Install]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm64]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-12-19 18_45_29_0370rpdata.dat"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_pcf_statistic_info.cgi"

==== Firefox Extensions ======================

ProfilePath: C:\Users\Usuarios\AppData\Roaming\TomTom\HOME\Profiles\xo856ns1.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================


==== Chrome Look ======================

Docs - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Default\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Default User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Drive - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
GBBD Banco Santander (Brasil) S.A. - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\embboanagkhdghdnaekpbpgfckeejmlo
Google Wallet - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Usuarios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{92001F8A-C36B-473A-91E7-5BE0C81CF2B3} PSafe ClikSeguro Url="http://home.psafe.com/Search.aspx?q={searchTerms}&utm_source=browser+addressbar&utm_medium=browser+addressbar&utm_campaign=browser+addressbar"

==== Reset Google Chrome ======================

C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Usuarios\Desktop\PC App Store.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.3.1.5732\PCAppStore.exe /openfrom=shortcut

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\Users\Public\Desktop\Claro.lnk - C:\Program Files (x86)\Claro\Claro.exe
C:\Users\Public\Desktop\Discador Oi.lnk - C:\Program Files (x86)\OI\Oi3G\DiscadorOi.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Kantoo English.lnk -
C:\Users\Public\Desktop\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Public\Desktop\Recibo.lnk - C:\Recibopro\Recibo.exe
C:\Users\Public\Desktop\VIVO INTERNET.lnk - C:\Program Files (x86)\VIVO INTERNET\VIVO INTERNET.exe
C:\Users\Public\Desktop\WinZip Registry Optimizer.lnk - C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store\PC App Store.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.3.1.5732\PCAppStore.exe /openfrom=startmenu
C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\PC App Store\4.3.1.5732\Uninstall.exe /openfrom=startmenu

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Hao123.lnk - C:\Users\Usuarios\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1106.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Hao123.lnk - C:\Users\Usuarios\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1106.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CS5 (64 Bit).lnk - C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CorelDRAW X6 (64-Bit).lnk - c:\Windows\Installer\{27AE72A4-B217-4CDC-B82B-3311E9D7460E}\NewShortcut1_41AAC0AC880545E6A1C81230F4159C30.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -
C:\Users\Usuarios\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Usuarios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Usuarios\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Usuarios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\USURIO~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=315 folders=28 5430788 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Usuarios\AppData\Local\Temp will be emptied at reboot
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Usuarios\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Usuarios\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 04/06/2014 at 11:26:20,45 ======================
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Qua 04 Jun 2014, 14:46

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Qua 04 Jun 2014, 18:14, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Qua 04 Jun 2014, 16:10


Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Usuarios on 04/06/2014 at 15:44:43,56.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documentos - Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-04-142620.log 51930 bytes
C:\zoek-results2014-06-04-184233.log 972382 bytes

==== System Restore Info ======================

04/06/2014 15:46:08 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCAppStoreSvc_{PCAppStore_4.3.1.5732} deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PCAppStoreSvc_{PCAppStore_4.3.1.5732} deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
"uuurl"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\4.0.0.0\Setup]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster\LogUp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"DisplayIcon"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC App Store 4.3.1.5732]
"InstallDir"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BLPFILE\shell\open\command]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdCameraProtect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bndef]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"DisplayName"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCAppStoreSvc_{PCAppStore_4.3.1.5732}]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\bavhm.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log\Updater.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\Bug\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732\Install]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC App Store\Setup]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm64]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"=-
[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-12-19 18_45_29_0370rpdata.dat"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
"url"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\4.3.1.5732]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC App Store\DataReport]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Install]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
"ares_BaiDuSafe_RegType"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"Adobe ARM_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"AdobeCS5ServiceManager_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"GrooveMonitor_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"HP Software Update_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"SunJavaUpdateSched_BaiDuSafe_RegType"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
"SwitchBoard_BaiDuSafe_RegType"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm64]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Statistic]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\UUReport]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\Setup]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\Bav.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\Bav.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\BavTray.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFaster.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFaster.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFPopups.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PCFPopups.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PcfTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliPoint\AppSpecific\PcfTray.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Bav.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\Bav.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\BavTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\BavTray.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFaster.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFaster.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFPopups.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PCFPopups.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PcfTray.exe]
"Path"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\IntelliType Pro\AppSpecific\PcfTray.exe]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"DisplayIcon"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"Publisher"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
"UninstallString"=-
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=-
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\bavhm.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BHipsSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log\Updater.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\Bug\log\BavSvc.exe]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732\Install]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\4.3.1.5732\LastReportTime]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC App Store\Setup]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\alluser]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\curuser]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\3.7.0.0\Run\Disable\hklm64]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata"=-
[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]
"c:\\programdata\\baidu security\\rpdata\\2013-12-19 18_45_29_0370rpdata.dat"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Baidu Security not found
C:\Program Files (x86)\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu Security not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus not found
C:\Users\All Users\Baidu Security not found
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus not found
C:\Users\Public\Documents\Baidu S1ecurity not found
C:\Users\Usuarios\AppData\Local\Temp\baidu_secure not found
C:\Users\Usuarios\AppData\Roaming\Baidu Security not found
C:\Users\Usuarios\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall not found
C:\Users\Usuarios\AppData\Roaming\Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK not found
C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC App Store not found
C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Baidu Security not found
"C:\Users\Public\Desktop\Baidu Antivirus.lnk" not found
"C:\Users\Usuarios\AppData\Local\Temp\Baidu_PCAppStore_4.3.1.5732.exe" not found
"C:\Users\Usuarios\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.41942.exe" not found
"C:\Users\Usuarios\AppData\Local\Temp\Baidu_Secure_SystemUp_4.0.1.56634.exe" not found
C:\Users\Public\Documents\Baidu deleted

==== Folders Found ======================

2014-06-04 13:25:51 2014-06-04 13:25:51 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu\Baidu Antivirus
2014-06-04 14:25:32 2014-06-04 14:25:32 -------- d-----w- C:\ProgramData\Baidu
2014-06-04 14:25:32 2014-06-04 14:25:32 -------- d-----w- C:\Users\All Users\Baidu
2013-10-28 15:24:24 2014-05-19 16:46:30 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-06-04 18:19:11 2014-06-04 18:20:03 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-06-04 18:20:03 2014-06-04 18:20:16 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-06-04 18:20:16 2014-06-04 18:20:33 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-06-04 18:20:35 2014-06-04 18:20:35 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-04 18:20:35 2014-06-04 18:20:36 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-06-04 18:20:38 2014-06-04 18:20:38 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-04 18:20:38 2014-06-04 18:28:34 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-06-04 18:20:38 2014-06-04 18:20:40 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security
2014-06-04 18:20:42 2014-06-04 18:20:42 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-06-04 18:20:42 2014-06-04 18:20:42 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-06-04 18:20:42 2014-06-04 18:20:43 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_Baidu PC App Store
2014-06-04 18:20:43 2014-06-04 18:20:43 -------- d---a-w- C:\zoek_backup\C_Windows_SysWOW64_config_systemprofile_AppData_Roaming_Baidu Security
2014-06-04 18:19:11 2014-06-04 18:19:55 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-06-04 18:20:41 2014-06-04 18:20:41 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-06-04 18:20:41 2014-06-04 18:20:41 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


--- C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Cookies\usuarios@baidu[1].txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 104
Created time: 2014-04-06 18:17:10
Modified time: 2014-04-06 18:17:10
MD5: 6E5C43C85343D42D1707BC165EA4EB5D
SHA1: A332658149D6B124EE52DB686D4C133005C8E8BB


--- C:\zoek_backup\C_Users_Public_Desktop_Baidu Antivirus.lnk.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1158
Created time: 2014-06-04 18:20:43
Modified time: 2014-04-09 05:15:34
MD5: 644227CA50207162AECBC2307D5052E8
SHA1: 13441479826E8C25060D4DE28701409F54B6CEF8


--- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Microsoft_Windows_Cookies_usuarios@baidu[1].txt.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 104
Created time: 2014-06-04 18:20:43
Modified time: 2014-04-06 18:17:10
MD5: 6E5C43C85343D42D1707BC165EA4EB5D
SHA1: A332658149D6B124EE52DB686D4C133005C8E8BB


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3430
Created time: 2014-06-04 14:12:53
Modified time: 2014-04-09 05:15:37
MD5: EF41D1079A1BD90B38780C9AF29308B3
SHA1: 465F72B3B2D12282430B5EC912C66A01F1E4AA82


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-06-04 18:19:35
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-06-04 18:19:35
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-06-04 18:20:06
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-06-04 18:20:06
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1176
Created time: 2014-06-04 18:20:35
Modified time: 2014-04-09 05:15:33
MD5: 2A5D2A3E1B2BE433B37CF6160B775823
SHA1: 7BA0A73E924A561DE01F6592C1C57BF6FFE2D320


--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1176
Created time: 2014-06-04 18:20:38
Modified time: 2014-04-09 05:15:33
MD5: 2A5D2A3E1B2BE433B37CF6160B775823
SHA1: 7BA0A73E924A561DE01F6592C1C57BF6FFE2D320


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=dword:00000001

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4663 folders=794 1601394906 bytes)

==== EOF on 04/06/2014 at 15:49:42,71 ======================
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Qua 04 Jun 2014, 18:13

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sex 20 Jun 2014, 10:52, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Qui 05 Jun 2014, 12:03

log do zoek


Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Usuarios on 05/06/2014 at 11:54:12,35.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documentos - Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-04-142620.log 51930 bytes
C:\zoek-results2014-06-04-184233.log 972382 bytes
C:\zoek-results2014-06-04-184942.log 38738 bytes

==== System Restore Info ======================

05/06/2014 11:54:36 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\DataReport]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Avast Software\WRC\SearchRules\baidu.com]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hkcu]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\4.0.0.0\Run\Disable\hklm]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=-
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=-
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\DataReport]

==== Deleting Files \ Folders ======================

C:\ProgramData\Baidu deleted
C:\Users\Public\Documents\Baidu Security deleted

==== Folders Found ======================

2014-06-04 13:25:51 2014-06-04 13:25:51 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu
2014-06-04 13:26:18 2014-06-04 13:26:18 -------- d-----w- C:\AdwCleaner\Quarantine\C\Users\Usuarios\AppData\Roaming\baidu\Baidu Antivirus
2014-06-04 18:19:11 2014-06-04 18:20:03 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-06-04 18:20:03 2014-06-04 18:20:16 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-06-05 14:54:51 2014-06-05 14:54:51 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-06-04 18:20:16 2014-06-04 18:20:33 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-06-04 18:20:35 2014-06-04 18:20:35 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-05 14:54:51 2014-06-05 14:54:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-06-04 18:20:35 2014-06-04 18:20:36 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-06-04 18:20:38 2014-06-04 18:20:38 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-06-04 18:20:38 2014-06-04 18:28:34 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu
2014-06-05 14:54:51 2014-06-05 14:54:51 -------- d---a-w- C:\zoek_backup\C_Users_Public_Documents_Baidu Security
2014-06-04 18:20:38 2014-06-04 18:20:40 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security
2014-06-04 18:20:42 2014-06-04 18:20:42 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall
2014-06-04 18:20:42 2014-06-04 18:20:42 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security_PC Faster_4.0.0.0_Uninstall_Baidu PC Faster Uninstall HK
2014-06-04 18:20:42 2014-06-04 18:20:43 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Microsoft_Windows_Start Menu_Programs_Baidu PC App Store
2014-06-04 18:20:43 2014-06-04 18:20:43 -------- d---a-w- C:\zoek_backup\C_Windows_SysWOW64_config_systemprofile_AppData_Roaming_Baidu Security
2014-06-04 18:19:11 2014-06-04 18:19:55 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-06-04 18:20:41 2014-06-04 18:20:41 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall
2014-06-04 18:20:41 2014-06-04 18:20:41 -------- d---a-w- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Baidu Security\PC Faster\4.0.0.0\Uninstall\Baidu PC Faster Uninstall HK

==== Files Found ======================


--- C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Cookies\usuarios@baidu[1].txt ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 104
Created time: 2014-04-06 18:17:10
Modified time: 2014-04-06 18:17:10
MD5: 6E5C43C85343D42D1707BC165EA4EB5D
SHA1: A332658149D6B124EE52DB686D4C133005C8E8BB


--- C:\zoek_backup\C_Users_Public_Desktop_Baidu Antivirus.lnk.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1158
Created time: 2014-06-04 18:20:43
Modified time: 2014-04-09 05:15:34
MD5: 644227CA50207162AECBC2307D5052E8
SHA1: 13441479826E8C25060D4DE28701409F54B6CEF8


--- C:\zoek_backup\C_Users_Usuarios_AppData_Roaming_Microsoft_Windows_Cookies_usuarios@baidu[1].txt.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 104
Created time: 2014-06-04 18:20:43
Modified time: 2014-04-06 18:17:10
MD5: 6E5C43C85343D42D1707BC165EA4EB5D
SHA1: A332658149D6B124EE52DB686D4C133005C8E8BB


--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3430
Created time: 2014-06-04 14:12:53
Modified time: 2014-04-09 05:15:37
MD5: EF41D1079A1BD90B38780C9AF29308B3
SHA1: 465F72B3B2D12282430B5EC912C66A01F1E4AA82


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-06-04 18:19:35
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-06-04 18:19:35
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-06-04 18:20:06
Modified time: 2014-01-13 13:40:30
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1


--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-06-04 18:20:06
Modified time: 2014-01-13 13:40:30
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB


--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1176
Created time: 2014-06-04 18:20:35
Modified time: 2014-04-09 05:15:33
MD5: 2A5D2A3E1B2BE433B37CF6160B775823
SHA1: 7BA0A73E924A561DE01F6592C1C57BF6FFE2D320


--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1176
Created time: 2014-06-04 18:20:38
Modified time: 2014-04-09 05:15:33
MD5: 2A5D2A3E1B2BE433B37CF6160B775823
SHA1: 7BA0A73E924A561DE01F6592C1C57BF6FFE2D320


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=dword:00000001

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4682 folders=808 1602708603 bytes)

==== EOF on 05/06/2014 at 11:55:23,93 ======================
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Qui 05 Jun 2014, 12:54

Desative temporariamente seu antivírus para evitar conflitos.

*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.

*Clique [Run Script]

*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

*Caso a reinicialização do PC seja solicitada, clique [OK]

* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.


Última edição por Power Max em Sex 20 Jun 2014, 10:52, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Seg 09 Jun 2014, 09:21


Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Usuarios on 09/06/2014 at 9:19:50,95.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Documentos - Usuário\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-06-04-142620.log 51930 bytes
C:\zoek-results2014-06-04-184233.log 972382 bytes
C:\zoek-results2014-06-04-184942.log 38738 bytes
C:\zoek-results2014-06-05-145523.log 11995 bytes
C:\zoek-results2014-06-05-161146.log 3064 bytes

==== System Restore Info ======================

09/06/2014 09:20:26 Zoek.exe System Restore Point Created Succesfully.

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=-
"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=-
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=-
[-HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster\DataReport]

==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4267606759-60028879-2698333463-1000\Software\Baidu Security\PC Faster]

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Program Files (x86)\\Baidu Security\\PC Faster\\3.7.0.0\\UninstCaller.exe"=dword:00000020

"D:\\Documentos - Usuário\\Downloads\\zello [1].exe"=dword:00000001
"C:\\Users\\Usuarios\\AppData\\Local\\Temp\\baidu_secure\\update\\BavPro_Setup_GL1.exe"=dword:00000001

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4682 folders=808 1602708603 bytes)

==== EOF on 09/06/2014 at 9:21:08,55 ======================
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Seg 09 Jun 2014, 09:24

Notebook Lento!! 772309 Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Seg 09 Jun 2014, 15:48

~ Relatório do ZHPDiag v2014.6.9.87 - Nicolas Coolman (09/06/2014)
~ Iniciado por Usuarios (09/06/2014 15:44:44)
~ Endereço do Website : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão : Versão atualizada.
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador :


---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7601.17514
GCIE: Google Chrome v35.0.1916.114 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Softwares de proteçao do sistema
Windows Defender W7 (Activate)

---\\ Softwares d'optimização do sistema

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 5845 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 52 GB (53%) free of 98 GB

---\\ Modo de conexão ao sistema
~ Computer Name: USUARIOS-PC
~ User Name: Usuarios
~ All Users Names: Usuarios, HomeGroupUser$, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\Usuarios\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Usuarios\AppData\Roaming\
~ %Desktop% : D:\Documentos - Usuário\Desktop\
~ %Favorites% : D:\Documentos - Usuário\Favorites\
~ %LocalAppData% : C:\Users\Usuarios\AppData\Local\
~ %StartMenu% : C:\Users\Usuarios\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 52 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 303 Go of 368 Go)
E: CD-ROM drive (Not Inserted)



---\\ Estado do Centro de Segurança do Windows
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Pesquisa particular de ficheiros genéricos
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Windows Explorer.) (.21/11/2010 - 00:24:11.) -- C:\Windows\Explorer.exe [2872320]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F6C5302E1F4813D552F41A0AC82455E5] - (.Microsoft Corporation - Internet Extensions para Win32.) (.21/11/2010 - 00:23:55.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.21/11/2010 - 00:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.21/11/2010 - 00:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/11/2010 - 00:24:08.) -- C:\Windows\system32\Drivers\AFD.sys [499712]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.FAF015B07E3A2874A790A39B7D2C579F] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.21/11/2010 - 00:24:03.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 00:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.21/11/2010 - 00:23:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 00:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 00:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 00:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.21/11/2010 - 00:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes images (My Pictures) : 2/3908
~ Mes musiques (My Musics) : 4/866
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 3/6545
~ Mon Bureau (My Desktop) : 2/392
~ Menu demarrer (Programs) : 1/44
~ Hidden Files: Scanned in 00mn 01s



---\\ Processos lançados
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.2268]
[MD5.59D9856CD1420E2AF778821B7E1B81D0] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136] [PID.2256]
[MD5.780886BCAA007B434FAEA6B48920AE0E] - (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe [2736128] [PID.2976]
[MD5.6DC177F1626545F087892E73E7609DD0] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [1209904] [PID.3088]
[MD5.7E6ACA6B6C89B7CD098944A9159DAED3] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.3144]
[MD5.98B31CBC09D671DADEB7C92AEF1CBE29] - (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Users\Usuarios\AppData\Roaming\VIVO INTERNET\ouc.exe [110592] [PID.3196]
[MD5.796227FCA947A0B8E3D6A097B27F2363] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088] [PID.3328]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.3524]
[MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.4408]
[MD5.F5546A846F16DB4578DF72F30AACB1FC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8066560] [PID.4264]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1564]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1604]
[MD5.E4FAD21646088D79F8889B6531396ACF] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.2012]
[MD5.83FF82FE209E7997067B375DAD6CF23D] - (.Intel Corporation - Intel(R) Integrated Clock Controller Servic.) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752] [PID.2968]
[MD5.E32686B4E27D11F83E3F2844E104C66C] - (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920] [PID.1016]
[MD5.EE65488B7294FBCB113EAC9FD492345C] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544] [PID.3696]
[MD5.BF5D3A2624177C413680DEF19A465AF8] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.1488]
[MD5.3EA307C51069BC72DD74A4964F2A30A9] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [366552] [PID.3988]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Arranque,Pesquisa,Extensões (G0,G1,G2)
C:\Users\Usuarios\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Loja v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Pasta de extensão do Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKCU] [gastecnologia.com.br/sf/abn] - (.GAS Tecnologia - Internet Banking Helper.) -- C:\Users\Usuarios\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [itype] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [ares] . (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [ToolboxFX] . (.Hewlett-Packard Company - HPTLBXFX.) -- C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [fst_br_71] Chave orfã
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKUS\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run: [ares] . (.Seekar Ltd - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] . (.Huawei Technologies Co., Ltd. - Online Update Clinet.) -- C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe
~ Application: Scanned in 00mn 00s



---\\ Site na zona confiavél do Internet Explorer (05)
O15 - Trusted Zone: [HKCU\...\EscDomains] http.connectify.me
O15 - Trusted Zone: [HKCU\...\EscDomains] http.fastspring.com
O15 - Trusted Zone: [HKLM\...\EscDomains] http.connectify.me
O15 - Trusted Zone: [HKLM\...\EscDomains] http.fastspring.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D66B2BF-909A-4D31-A23D-BF4239A5B5D0}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CD6B50E-2D4F-4CAC-A240-27BC0467188D}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{2857F260-A30C-43F7-B516-AE3123285738}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{57541131-A8BA-45F2-9D74-310C0319BA3A}: DhcpNameServer = 200.222.0.34 200.202.193.75
O17 - HKLM\System\CCS\Services\Tcpip\..\{83DC84B4-2C84-40AA-83E6-04A59BAD3A7A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D66B2BF-909A-4D31-A23D-BF4239A5B5D0}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{3CD6B50E-2D4F-4CAC-A240-27BC0467188D}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{2857F260-A30C-43F7-B516-AE3123285738}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{57541131-A8BA-45F2-9D74-310C0319BA3A}: DhcpNameServer = 200.222.0.34 200.202.193.75
O17 - HKLM\System\CS1\Services\Tcpip\..\{83DC84B4-2C84-40AA-83E6-04A59BAD3A7A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{05AA246F-0801-49D5-B500-0EB796488AA3}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{0D66B2BF-909A-4D31-A23D-BF4239A5B5D0}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CD6B50E-2D4F-4CAC-A240-27BC0467188D}: NameServer = 200.169.117.221 200.169.117.222
O17 - HKLM\System\CS2\Services\Tcpip\..\{2857F260-A30C-43F7-B516-AE3123285738}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{57541131-A8BA-45F2-9D74-310C0319BA3A}: DhcpNameServer = 200.222.0.34 200.202.193.75
O17 - HKLM\System\CS2\Services\Tcpip\..\{83DC84B4-2C84-40AA-83E6-04A59BAD3A7A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: Claro. OUC (Claro. RunOuc) . (...) - C:\Program Files (x86)\Claro\UpdateDog\ouc.exe (.not file.)
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
~ Services: 12 Legitimates Filtered in 00mn 03s



---\\ Tarefas planificadas automaticamente (039)
[MD5.00000000000000000000000000000000] [APT] [Registry Optimizer] (...) -- C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1AC73584-CB51-42C1-8B40-EFEFCE5CF671}] (...) -- C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\UninstCaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{74DCBEE4-C450-4659-BD55-EEFCD05B2A4A}] (...) -- C:\Program Files (x86)\PP™£Ò™\ihelper.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EFD69AFB-7046-4284-805B-CB312AD16E18}] (...) -- c:\users\Usuarios\appdata\local\lollipop\lollipop.bat (.not file.) [0] =>Adware.Lollipop
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1068]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1072]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\HP Photo Creations Communicator [344]
~ Scheduled Task: 15 Legitimates Filtered in 00mn 04s



---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (360AvFlt) . (.360.cn - 360杀毒 文件监控驱动.) - C:\Windows\System32\DRIVERS\360AvFlt.sys
O41 - Driver: (360FltOEM) . (.360.cn - 360HipsOEM.) - C:\Windows\System32\DRIVERS\360FltOEM.sys
O41 - Driver: (Bnbase) . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) - C:\Windows\System32\drivers\bnbasex64.sys
~ Drivers: 72 Legitimates Filtered in 00mn 00s



---\\ Software instalados (042)
O42 - Logiciel: Ares 2.2.6 - (.Seekar Ltd.) [HKLM][64Bits] -- Ares
O42 - Logiciel: Discount Dragon - (.App Squad.) [HKLM][64Bits] -- 38900_Discount Dragon =>PUP.DiscountDragon
O42 - Logiciel: Módulo de Proteção Banco Santander (Brasil) S.A. - (...) [HKLM][64Bits] -- {83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1
O42 - Logiciel: PokerStars - (.PokerStars.) [HKLM][64Bits] -- PokerStars
O42 - Logiciel: Price Meter (remove only) - (.Price Meter.) [HKCU][64Bits] -- Price Meter =>PUP.PriceMeter
O42 - Logiciel: Recibo Grátis versão 2.2 - (.P5 Sistemas.) [HKLM][64Bits] -- {B231FA7F-4CB5-4C83-88CC-8C4D670EEF4C}_is1
O42 - Logiciel: Update for PriceMeter - (.Update for PriceMeter.) [HKCU][64Bits] -- PriceMeterUpdater =>PUP.PriceMeter
O42 - Logiciel: partypoker - (.PartyGaming.) [HKLM][64Bits] -- PartyPoker
~ Logic: 30 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\Baidu Security]
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKCU\Software\GbAs]
[HKCU\Software\PartyGaming]
[HKCU\Software\PriceMeter] =>PUP.PriceMeter
[HKCU\Software\Teiron]
[HKCU\Software\gooternet]
[HKLM\Software\Baidu Security]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\AdvertisingSupport] =>PUP.AdvertisingSupport
[HKLM\Software\Wow6432Node\Discount Dragon] =>PUP.DiscountDragon
~ Key Software: 257 Legitimates Filtered in 00mn 00s



---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/12/2013 - 21:03:35 - [] ----D C:\Program Files (x86)\Ares
O43 - CFD: 08/05/2014 - 19:42:17 - [] ----D C:\Program Files (x86)\gooternet
O43 - CFD: 30/03/2014 - 18:46:43 - [] ----D C:\Program Files (x86)\OI
O43 - CFD: 29/05/2014 - 20:39:31 - [] ----D C:\Program Files (x86)\PokerStars
O43 - CFD: 10/12/2013 - 10:47:45 - [] ----D C:\Program Files (x86)\PPÖúÊÖ
O43 - CFD: 29/03/2014 - 21:05:06 - [] ----D C:\Program Files (x86)\VIVO INTERNET
O43 - CFD: 30/03/2014 - 18:46:43 - [] ----D C:\ProgramData\OI
O43 - CFD: 28/10/2013 - 12:38:53 - [] ----D C:\Users\Usuarios\AppData\Roaming\360Safe
O43 - CFD: 19/01/2014 - 08:55:57 - [] ----D C:\Users\Usuarios\AppData\Roaming\cef-cache
O43 - CFD: 19/01/2014 - 08:55:44 - [] ----D C:\Users\Usuarios\AppData\Roaming\Party
O43 - CFD: 13/04/2014 - 02:49:59 - [] ----D C:\Users\Usuarios\AppData\Roaming\VIVO INTERNET
O43 - CFD: 16/12/2013 - 21:03:37 - [] ----D C:\Users\Usuarios\AppData\Local\Ares
O43 - CFD: 04/06/2014 - 00:20:33 - [] ----D C:\Users\Usuarios\AppData\Local\PokerStars
~ Program Folder: 166 Legitimates Filtered in 00mn 00s



---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.1E4A1B03D1B6CD8A174A826F76E009F4] - 03/06/2014 - 23:28:39 ---A- . (...) -- C:\InjectIntoProcess crash [16]
O44 - LFC:[MD5.1D3E1E57E635643597F0FFC3142C69AE] - 04/06/2014 - 11:31:39 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [147838]
O44 - LFC:[MD5.4228148285899D00C31402DEC62CCA33] - 04/06/2014 - 11:31:39 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [707592]
O44 - LFC:[MD5.B8B702562BE750DE53093AC8282D5F97] - 04/06/2014 - 15:42:33 ---A- . (...) -- C:\zoek-results2014-06-04-184233.log [972382]
O44 - LFC:[MD5.3FF5C5479E5488F04E5E774A9D38CCA5] - 04/06/2014 - 15:49:42 ---A- . (...) -- C:\zoek-results2014-06-04-184942.log [38738]
O44 - LFC:[MD5.24B9F801E1DD1263C22FFB976AED1835] - 05/06/2014 - 11:55:23 ---A- . (...) -- C:\zoek-results2014-06-05-145523.log [11995]
O44 - LFC:[MD5.471288802840B7E9074600314C605416] - 05/06/2014 - 13:11:46 ---A- . (...) -- C:\zoek-results2014-06-05-161146.log [3064]
O44 - LFC:[MD5.7A48DFB68DB40AE2061DDE4A9DBBEEB4] - 09/06/2014 - 09:21:08 ---A- . (...) -- C:\zoek-results.log [3113]
~ Files: 15 Legitimates Filtered in 00mn 01s



---\\ Chave do registo Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{132c39e2-5f4e-11e3-95f6-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{1e0dca16-b46a-11e3-a1e4-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{2070b17d-a608-11e3-b3d7-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{2070b23c-a608-11e3-b3d7-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{225a4a9c-a949-11e3-8954-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{2e75b08b-aadf-11e3-ac39-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{372e8ba2-6197-11e3-83b4-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{372e8bc1-6197-11e3-83b4-e81132bedde8}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
O51 - MPSK:{372e8bca-6197-11e3-83b4-e81132bedde8}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
O51 - MPSK:{3c2658d1-7779-11e3-b354-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{3c265a96-7779-11e3-b354-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{3c265aa3-7779-11e3-b354-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{4193c519-7073-11e3-bca8-50b7c3023803}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{4196f032-81c2-11e3-9146-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{5dd99402-7eb4-11e3-9e7f-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{5dd9940c-7eb4-11e3-9e7f-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{68b14fdc-4af5-11e3-94f4-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{68b14fea-4af5-11e3-94f4-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{74800af7-6aff-11e3-9cbe-50b7c3023803}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{798fdd6d-b807-11e3-9d2e-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{8beec811-359f-11e3-bf6a-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{8beec820-359f-11e3-bf6a-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{8beec8d6-359f-11e3-bf6a-e81132bedde8}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{8beec8f9-359f-11e3-bf6a-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9d430e7a-b6b5-11e3-9ba9-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9e980c5b-b5cb-11e3-a883-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9e980c9c-b5cb-11e3-a883-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{9e980ca9-b5cb-11e3-a883-e81132bedde8}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{b5e08800-8749-11e3-9b18-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c2f6ec21-7bda-11e3-8cf2-806e6f6e6963}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c2f6ec75-7bda-11e3-8cf2-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c2f6eca8-7bda-11e3-8cf2-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{c2f6ecfd-7bda-11e3-8cf2-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244847-b45a-11e3-8473-50b7c3023803}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244858-b45a-11e3-8473-50b7c3023803}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244866-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244876-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244881-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df244896-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{df2448a4-b45a-11e3-8473-e81132bedde8}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
~ MWPE Keys: 1 Legitimates Filtered in 00mn 00s



---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:31/10/2013 - 10:10:00 R--A- . (.360.cn - 360杀毒 文件监控驱动.) -- C:\Windows\System32\Drivers\360AvFlt.sys [71360]
O58 - SDL:24/10/2013 - 11:26:20 R--A- . (.360.cn - 360HipsOEM.) -- C:\Windows\System32\Drivers\360FltOEM.sys [289952]
O58 - SDL:16/08/2013 - 12:34:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
O58 - SDL:16/08/2013 - 12:34:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
O58 - SDL:16/08/2013 - 12:34:03 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum [175] =>.ALWIL Software
O58 - SDL:16/05/2014 - 05:10:13 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [56640]
O58 - SDL:16/05/2014 - 05:10:14 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [37696]
O58 - SDL:16/05/2014 - 05:10:40 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\Bnbasex.sys [91616]
O58 - SDL:16/05/2014 - 05:10:40 ---A- . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\Drivers\bnbasex64.sys [91616]
O58 - SDL:16/05/2014 - 05:10:42 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\Bndef.sys [70912]
O58 - SDL:16/05/2014 - 05:10:42 ---A- . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\Drivers\bndef64.sys [70912]
O58 - SDL:16/05/2014 - 05:10:47 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [142592]
O58 - SDL:10/12/2013 - 09:20:32 ---A- . (.Connectify - NDISRD helper driver.) -- C:\Windows\System32\Drivers\cnnctfy3.sys [35352]
O58 - SDL:13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:07/06/2012 - 15:01:16 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [293712]
O58 - SDL:08/10/2010 - 05:59:40 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [32768]
O58 - SDL:10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:05/08/2010 - 20:43:20 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [1001472]
O58 - SDL:13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 80 Legitimates Filtered in 00mn 04s



---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 31/10/2013 - C:\Windows\System32\DRIVERS\360AvFlt.sys (360AvFlt) .(.360.cn - 360杀毒 文件监控驱动.) - LEGACY_360AVFLT
O64 - Services: CurCS - 24/10/2013 - C:\Windows\System32\DRIVERS\360FltOEM.sys (360FltOEM) .(.360.cn - 360HipsOEM.) - LEGACY_360FLTOEM
O64 - Services: CurCS - 16/05/2014 - C:\Windows\System32\drivers\bnbasex64.sys (Bnbase) .(.Baidu, Inc. - Baidu Antivirus NetBase Driver.) - LEGACY_BNBASE
~ Legacy: 83 Legitimates Filtered in 00mn 00s



---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] Web - (Web) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {92001F8A-C36B-473A-91E7-5BE0C81CF2B3} - (PSafe ClikSeguro) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s



---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.5AA514950B9E2FB3973BEB10F492B64C] [SPRF][14/04/2014] (...) -- C:\Users\Usuarios\AppData\Roaming\unins000.dat [62194]
[MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][04/06/2014] (...) -- D:\Documentos - Usuário\Desktop\AdwCleaner.exe [1327971]
[MD5.69E084E01AB3CB043D0FD361056B277B] [SPRF][04/02/2014] (...) -- D:\Documentos - Usuário\Desktop\evasi0n7.exe [19083278]
[MD5.16C317F08A0E24F8A059192F3AB7BC7B] [SPRF][11/04/2014] (...) -- D:\Documentos - Usuário\Desktop\SUP_S922_V1.09.11830_20140411.bin [3169264]
[MD5.352E8561E633B17ED22012366721FFDC] [SPRF][04/06/2014] (...) -- D:\Documentos - Usuário\Desktop\zoek.exe [1285120]
~ Files: 7 Legitimates Filtered in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseSmartSetup_RASAPI32 =>PUP.BrowseSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseSmartSetup_RASMANCS =>PUP.BrowseSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseSmart_Setup_RASAPI32 =>PUP.BrowseSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseSmart_Setup_RASMANCS =>PUP.BrowseSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_antivirus_1302-27bc6a41_RASAPI32 =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Lollipop_antivirus_1302-27bc6a41_RASMANCS =>Adware.Lollipop
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_0702-81cfb2ef_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_0702-81cfb2ef_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_Setup_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\melondrea_Setup_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_Setup_2_RASAPI32 =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_Setup_2_RASMANCS =>PUP.Mobogenie
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_awesomehp_installer_multilang_RASAPI32 =>PUP.Awesomehp
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\package_awesomehp_installer_multilang_RASMANCS =>PUP.Awesomehp
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatemelondrea_RASMANCS =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASAPI32 =>PUP.Melondrea
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilmelondrea_RASMANCS =>PUP.Melondrea
~ BTK: 320 Legitimates Filtered in 00mn 00s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{BE496A80-8F51-461F-B3D7-88A258A60541}] (Discount Dragon) =>PUP.DiscountDragon
~ BCK: 4424 Legitimates Filtered in 00mn 03s



---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 10/07/1658 0 | (Claro. RunOuc) . (...) - C:\Program Files (x86)\Claro\UpdateDog\ouc.exe
SS - | Demand 22/03/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 09/10/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/10/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 12/04/2010 142336 | (HP LaserJet Service) . (.HP.) - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
SS - | Demand 13/02/2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 13/04/2007 792112 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 13/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Disabled 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 14/03/2011 346976 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SR - | Auto 13/02/2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 12/03/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Demand 01/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 12/03/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 12/03/2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Demand 16/05/2007 271920 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SR - | Auto 30/11/2010 336824 | (PSI_SVC_2_x64) . (.arvato digital services llc.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 05s



---\\ Scâner Aditional (088)
Database Version : 13026 - (09/06/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 5

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\38900_Discount Dragon] =>PUP.DiscountDragon^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Price Meter] =>PUP.PriceMeter^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceMeterUpdater] =>PUP.PriceMeter^
[HKCU\Software\PartyGaming] =>Casino.OnlineGames
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Wow6432Node\360Safe] =>Trojan.Lozavita
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKCU\Software\PriceMeter] =>PUP.PriceMeter^
[HKLM\Software\Wow6432Node\AdvertisingSupport] =>PUP.AdvertisingSupport^
[HKLM\Software\Wow6432Node\Discount Dragon] =>PUP.DiscountDragon^
[HKCR\CLSID\{BE496A80-8F51-461F-B3D7-88A258A60541}] (Discount Dragon) =>PUP.DiscountDragon^
~ Additionnel Scan: 303222 Items scanned in 00mn 22s



---\\ Informações complémentaires do módulos
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Google Chrome, Extensions (G2)
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>.Internet Explorer, Proxy Management (R5)
~ AMI: 2 Legitimates Filtered in 00mn 00s



---\\ Sumário das deteções encontradas na sua estação
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.Lollipop
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.PriceMeter
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Forumer
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.BrowseSmart
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Melondrea
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Mobogenie
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Awesomehp
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.Tarma
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Trojan.Lozavita
~ MSI: 9 link(s) detected in 00mn 00s



~ 720 Legitimates filtered by white list
End of the scan (564 lines in 01mn 21s)(0)
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Seg 09 Jun 2014, 19:34

Notebook Lento!! 772309  Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC agora e de tempos em tempos.
__________________________________________________________________________________________________________________

Notebook Lento!! 772309  Faça o download do Usbfix [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (ao acessar a página clique no botão representado nesta imagem (na parte inferior direita da página) para baixá-lo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Utilize o USBFix conforme é mostrado nesta postagem:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
____________________________________________________________________________________________________________________

Notebook Lento!! 772309  Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Instale-o e utilize-o seguindo as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_________________________________________________________________________________________________________________________

Notebook Lento!! 772309  Selecione e copie todo o texto destacado em vermelho que te passei.
_____________________________________________________________________________________________________________

Notebook Lento!! 772309  Vá no menu: Iniciar > Todos os programas > ZHP > Clique com o botão direito do mouse sobre o Zhpfix e escolha a opção de Executar como administrador > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas.

Copie este relatório e poste em sua próxima resposta juntamente com o relatório do McShield Anti-Malware Tool que terá o nome MCShield-AllScans.txt, o qual estará na área de trabalho (Desktop) de seu PC e também o log (relatório) do Usbfix que estará em C:\UsbFix.txt


Última edição por Power Max em Sex 20 Jun 2014, 10:54, editado 1 vez(es)

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Qui 12 Jun 2014, 12:26

deu esse erro
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Qui 12 Jun 2014, 12:36

esse log do usbfix é de pesquisa
############################## | UsbFix V 7.171 | [Pesquisa]

Usuário: Usuarios (Administrador) # USUARIOS-PC
Atualizado em 09/06/2014 por El Desaparecido - SosVirus
Começou em 12:31:19 | 12/06/2014

Site : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Changelog : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Asistencia : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Upload Malware : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Contato : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

PC: SAMSUNG ELECTRONICS CO., LTD. (NP500P4C-AD2BR)
CPU: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
RAM -> [Total : 5846 Mo| Free : 4010 Mo]
Bios: Phoenix Technologies Ltd.
Boot: Normal boot

OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 8.0.7601.17514
WB: Google Chrome : 35.0.1916.114

SC: Security Center [Enabled]
WU: Windows Update [(!) Disabled]
AS: Windows Defender [Enabled | (!) Outdated]
FW: Windows FireWall [Enabled]

C:\ (%SystemDrive%) -> Disco fixo # 98 Gb (47 Mb livre - 48%) [] # NTFS
D:\ -> Disco fixo # 368 Gb (304 Mb livre - 83%) [] # NTFS
E:\ -> CD-ROM
F:\ -> Disco removível # 4 Gb (3 Mb livre - 69%) [] # FAT32
G:\ -> Disco removível # 15 Gb (6 Mb livre - 39%) [KINGSTON] # FAT32
H:\ -> Disco removível # 4 Gb (4 Mb livre - 100%) [DADOS] # FAT

################## | Processos Ativos |

C:\Windows\System32\smss.exe (ID: 352|ParentID: 4|SISTEMA)
C:\Windows\System32\csrss.exe (ID: 516|ParentID: 480|SISTEMA)
C:\Windows\System32\csrss.exe (ID: 628|ParentID: 616|SISTEMA)
C:\Windows\System32\wininit.exe (ID: 636|ParentID: 480|SISTEMA)
C:\Windows\System32\winlogon.exe (ID: 672|ParentID: 616|SISTEMA)
C:\Windows\System32\services.exe (ID: 732|ParentID: 636|SISTEMA)
C:\Windows\System32\lsass.exe (ID: 740|ParentID: 636|SISTEMA)
C:\Windows\System32\lsm.exe (ID: 748|ParentID: 636|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 848|ParentID: 732|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 924|ParentID: 732|SERVIÇO DE REDE)
C:\Windows\System32\svchost.exe (ID: 1016|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\svchost.exe (ID: 372|ParentID: 732|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 388|ParentID: 732|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 512|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\svchost.exe (ID: 1084|ParentID: 732|SERVIÇO DE REDE)
C:\Windows\System32\svchost.exe (ID: 1192|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\dwm.exe (ID: 1980|ParentID: 372|Usuarios)
C:\Windows\System32\svchost.exe (ID: 2136|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\svchost.exe (ID: 3256|ParentID: 732|SISTEMA)
C:\Windows\System32\svchost.exe (ID: 4048|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\svchost.exe (ID: 5060|ParentID: 732|SERVIÇO LOCAL)
C:\Windows\System32\wbem\WmiPrvSE.exe (ID: 688|ParentID: 848|SISTEMA)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 3412|ParentID: 732|SISTEMA)
C:\Windows\System32\rundll32.exe (ID: 3328|ParentID: 848|Usuarios)
C:\Windows\System32\WUDFHost.exe (ID: 4392|ParentID: 372|SERVIÇO LOCAL)
C:\Windows\explorer.exe (ID: 2244|ParentID: 4524|Usuarios)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2760|ParentID: 732|SERVIÇO DE REDE)
C:\Windows\System32\SearchIndexer.exe (ID: 3432|ParentID: 732|SISTEMA)
C:\Windows\System32\SearchProtocolHost.exe (ID: 932|ParentID: 3432|SISTEMA)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1604|ParentID: 732|SISTEMA)
C:\Windows\System32\spoolsv.exe (ID: 1708|ParentID: 732|SISTEMA)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3476|ParentID: 2244|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4196|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3504|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1736|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4508|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 1836|ParentID: 3476|Usuarios)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 4332|ParentID: 3476|Usuarios)
C:\Windows\System32\taskeng.exe (ID: 4624|ParentID: 388|Usuarios)
C:\Windows\System32\SearchFilterHost.exe (ID: 3460|ParentID: 3432|SISTEMA)
C:\UsbFix\UsbFix.exe (ID: 4368|ParentID: 3000|Usuarios)
C:\Windows\System32\wbem\WmiPrvSE.exe (ID: 5048|ParentID: 848|SERVIÇO DE REDE)

################## | Autorun |


################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-4267606759-60028879-2698333463-1000\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Procura genérica |


################## | Registro |


################## | E.O.F | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] | [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] |
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Qui 12 Jun 2014, 12:53

faltou você executar o ZHPFix como lhe passei e postar o log dele.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Seg 16 Jun 2014, 09:27

relatorio do ZPHFIX

Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
Fichier d'export Registre :
Run by Usuarios at 16/06/2014 09:26:24
High Elevated Privileges : OK
Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

Reciclagem vazia (00mn 01s)
Reparação de atalhos do navegador

========== Estado dos serviços ==========
360AVFLT Parado
360FLTOEM Parado
BNBASE Parado

========== Valores do Registo ==========
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bnbasex.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bnbasex64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bndef.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bndef64.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (23) (3.932.133 octets)
ELIMINÉ Flash Cookies (0) (0 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso


========== Recapitulativo ==========
6 : Valores do Registo
1 : Pastas
9 : Ficheiros
3 : Estado dos serviços
1 : Restauração Sistema


End of clean in 00mn 19s

========== Caminho do ficheiro do relatório ==========
C:\Users\Usuarios\AppData\Roaming\ZHP\ZHPFix[R1].txt - 12/06/2014 13:26:45 [4420]
C:\Users\Usuarios\AppData\Roaming\ZHP\ZHPFix[R2].txt - 16/06/2014 09:26:26 [1664]
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Seg 16 Jun 2014, 09:30

esta muito melhor,parou de aparecer janelas nos navegadores e um tal de Regytrer optimyzer q tbm travava o funcionamento
ta rodando perfeito isso aí! Notebook Lento!! 404338 
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Seg 16 Jun 2014, 09:30

Notebook Lento!! 772309 Reinicie o PC para o ZHP completar a limpeza dele.

Depois que o PC tiver reiniciado, faça o seguinte:

Notebook Lento!! 772309 Abra novamente o ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Seg 16 Jun 2014, 10:22

aparece uma msg quando vou pesquisar q eu preciso atualizar o ZHPDIAG
e so baixar novamente?
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Power Max Seg 16 Jun 2014, 10:27

é porque foi lançada uma nova versão dele. Vá no painel de controle do Windows e desinstale o ZHP e/ou ZHPDiag. Depois disto faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )

Obs: Ao acessar o link acima clique no botão Télécharger referente ao ZHPDiag para baixá-lo, tal como mostra a imagem abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Para instalá-lo e executá-lo corretamente siga as dicas deste artigo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Assim que ele concluir a sua verificação, copie todo o conteúdo do seu relatório ZHPDiag.txt e poste em sua próxima resposta.

_________________

Caixa de Dicas
= Sempre com novos tutoriais e novidades em informática, tecnologia e variedades.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = O melhor da internet você encontra aqui.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] = Mensagens de fé e esperança para o seu coração
Power Max
Power Max
Colaborador
Colaborador

Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Fuçador Seg 16 Jun 2014, 11:33

agora da esse erro
Fuçador
Fuçador
Membro
Membro

Mensagens : 131
Reputação : 1
Data de inscrição : 30/09/2013

Ir para o topo Ir para baixo

Notebook Lento!! Empty Re: Notebook Lento!!

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Página 1 de 2 1, 2  Seguinte

Ir para o topo

- Tópicos semelhantes

 
Permissões neste sub-fórum
Não podes responder a tópicos