PC with Baidu and other pests


Post by luizvilarinho on Fri 10 Oct 2014, 12:40

Here are the logs from zoek, AdwCleaner, JRT and ZHP.

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 13:24

Good afternoon, luizvilarinho!

> Your Adobe Flash Player is out of date! (Adobe Flash Player 13 Plugin)
> Uninstall: PSafe <<
>
> Run this script in the ZHPFix tool.
> Select and copy the information shown in red into Notepad.
> With Notepad open, press: Ctrl+A >> Ctrl+C (Select and Copy)
> Then minimize Notepad.

Script ZHPFix
ShortcutFix
FirewallRaz
EmptyPrefetch
EmptyCLSID
EmptyTemp
EmptyFlash
SR - | Auto 21/05/2014 586592 |  (QHActiveDefense) . (...) - C:\Program Files\PSafe\Total\safemon\QHActiveDefense.exe
[MD5.75CA7FF96BF5A316C3AF2DE6A412BD54] [APT] [{21C99420-69FF-465B-80DD-4E5DE7478B4E}] (...) -- C:\Windows\WinAVI Video Converter 9.0\uninstall.exe   [451072]
[MD5.00000000000000000000000000000000] [APT] [{0011F06E-92CC-4971-991D-6349499A1BC6}] (...) -- C:\Users\Lailane\Desktop\ChromeSetup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{04351104-423B-43DF-A81D-2E2BFA67C376}] (...) -- D:\Programas\ChromeSetup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{715B9C2E-894B-4845-9EAC-5517BF69F5B5}] (...) -- C:\Users\Lailane\Desktop\AdobeReader\AdobeReader.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{7EDC7520-8FA2-466B-823F-B9935DB1D358}] (...) -- C:\Users\Lailane\Desktop\zoek.scr -d C:\Users\Lailane\Desktop -c \S (.not file.)   [0]
O4 - HKLM\..\Run: [QHSafeTray] . (.No owner - PSafe Total.) -- C:\Program Files\PSafe\Total\safemon\QHSafeTray.exe
O4 - HKLM\..\Run: [Baidu Antivirus] . (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe
O23 - Service: PSafe Total (QHActiveDefense) . (.No owner - PSafe Total.) - C:\Program Files\PSafe\Total\safemon\QHActiveDefense.exe
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core   [914]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA   [936]
O44 - LFC:[MD5.E61D4DFE7201C1FC659ECB7E1BBD5964] - 10/10/2014 - 11:40:31 ---A- . (...) -- C:\zoek-results.log   [39810]
O51 - MPSK:{b791a030-44ad-11e3-8185-1078d26b1426}\AutoRun\command. (...) -- G:\LGAutoRun.exe (.not file.)
O64 - Services: CurCS - 30/03/2014 - C:\Windows\System32\drivers\360SelfProtection.sys (360SelfProtection)  .(.360安全中心 - 360安全卫士 - SelfProtection.) - LEGACY_360SELFPROTECTION
O64 - Services: CurCS - 17/03/2014 - C:\Windows\System32\Drivers\Efimon.sys (EfiMon)  .(.360安全中心 - 360Efimon Driver.) - LEGACY_EFIMON
O64 - Services: CurCS - 17/03/2014 - C:\Windows\System32\Drivers\Hookport.sys (HookPort)  .(.360安全中心 - 360安全卫士 - HookPort.) - LEGACY_HOOKPORT
O64 - Services: CurCS - 17/03/2014 - C:\Windows\System32\DRIVERS\qutmdrv.sys (qutmdserv)  .(.360.cn - 360安全卫士 木马防火墙模块.) - LEGACY_QUTMDSERV
[HKCU\Software\WinkHandler]
HKLM\SOFTWARE\Microsoft\Tracing\biSetup63809_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\biSetup63809_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup-NewVer_22april_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup-NewVer_22april_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RBCB_p4v1_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RBCB_p4v1_RASMANCS
[HKLM\Software\360Safe]
ServiceStop:QHActiveDefense
SericeStop:360SelfProtection
ServiceStop:EfiMon
ServiceStop:HookPort
ServiceStop:qutmdserv
sysrestore


> Open the ZHPFix tool.
> Click IMPORTAÇÃO (Import) >> OK.
> P.S.: When you click "OK", check that the field is empty so that it receives only the script's information.
> Click "GO".
> Post the report!

A+

Re: PC with Baidu and other pests

Post by luizvilarinho on Fri 10 Oct 2014, 13:40

Rapport de ZHPFix 2014.8.3.6 par Nicolas Coolman, Update du 03/08/2014
Fichier d'export Registre :
Run by Lailane at 10/10/2014 13:39:53
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit (Build 7600)

Reciclagem vazia (00mn 02s)
Prefetcher vazio
Reparação de atalhos do navegador

========== Estado dos serviços ==========
360SELFPROTECTION Parado
EFIMON Parado
HOOKPORT Parado
QUTMDSERV Parado
QHActiveDefense Parado
EfiMon Parado
HookPort Parado
qutmdserv Parado

========== Chaves do Registo ==========
ELIMINÉ CLSID MPSK: {b791a030-44ad-11e3-8185-1078d26b1426}
ELIMINÉ: HKCU\Software\WinkHandler
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\biSetup63809_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\biSetup63809_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup-NewVer_22april_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup-NewVer_22april_RASMANCS
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RBCB_p4v1_RASAPI32
ELIMINÉ: HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RBCB_p4v1_RASMANCS

========== Valores do Registo ==========
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Public) : TCP Query User{B2CBBD7A-2AA2-4CAF-A31E-6282197C5195}C:\program files\mouseserver\mouseserver.exe
ELIMINÉ: FirewallRaz (Public) : UDP Query User{BC7333E1-777A-4B59-BCDD-1B09E8148B28}C:\program files\mouseserver\mouseserver.exe
ELIMINÉ: FirewallRaz (None) : {1403D5AA-2C46-4AA7-9320-0B70C148EA8E}
ELIMINÉ: FirewallRaz (None) : {D10652A7-568D-440C-B003-0611E416C9A2}
ELIMINÉ RunValue: Baidu Antivirus

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
ELIMINÉ Temporários windows (28)
ELIMINÉ Flash Cookies (0)

========== Ficheiros ==========
ELIMINÉ Temporários windows (140) (4.623.368 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
ELIMINA REINICIAR: c:\program files\baidu security\baidu antivirus\bavtray.exe
ELIMINÉ: c:\windows\system32\tasks\facebookupdatetaskusers-1-5-21-3690846425-4128786697-235807194-1000core
ELIMINÉ: c:\windows\system32\tasks\facebookupdatetaskusers-1-5-21-3690846425-4128786697-235807194-1000ua
ELIMINÉ: c:\zoek-results.log

========== Tarefa planificada ==========
ELIMINÉ: {21C99420-69FF-465B-80DD-4E5DE7478B4E}
ELIMINÉ: {0011F06E-92CC-4971-991D-6349499A1BC6}
ELIMINÉ: {04351104-423B-43DF-A81D-2E2BFA67C376}
ELIMINÉ: {715B9C2E-894B-4845-9EAC-5517BF69F5B5}
ELIMINÉ: {7EDC7520-8FA2-466B-823F-B9935DB1D358}

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Outros ==========
NÃO-TRATADO SericeStop:360SelfProtection


========== Recapitulativo ==========
8 : Chaves do Registo
7 : Valores do Registo
3 : Pastas
6 : Ficheiros
8 : Estado dos serviços
5 : Tarefa planificada
1 : Restauração Sistema
1 : Outros


End of clean in 00mn 33s

========== Caminho do ficheiro do relatório ==========
C:\Users\Lailane\AppData\Roaming\ZHP\ZHPFix[R1].txt - 10/10/2014 13:39:56 [2966]

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 14:27

Good afternoon, luizvilarinho!

> Open the AdwCleaner tool and click "Uninstall".
> Confirm the prompt!
>
> Download: < [You need to be registered and logged in to see this link.] >

> Download: < [You need to be registered and logged in to see this link.] > ( ... by Farbar )

> Or here...

< [You need to be registered and logged in to see this link.]

> Or here, for 64-bit systems!
> Save it to the desktop!
> Run the tool! Click "Yes" >> "Scan".

> Before clicking "Scan", check that the boxes under "Whitelist" are ticked.
> Under "Optional Scan", leave the "Addition.txt" checkbox ticked.
> P.S.: The "Addition.txt" report will also be generated and will be made available when the tool is run.
> Post the report! (FRST.txt + Addition.txt)

A+

Re: PC with Baidu and other pests

Post by luizvilarinho on Fri 10 Oct 2014, 15:39

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-10-2014 01
Ran by Lailane at 2014-10-10 15:35:50
Running from C:\Users\Lailane\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version: - )
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Baidu Antivirus (HKLM\...\Baidu Antivirus) (Version: 4.0.3.57478 - Baidu, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.8.3.3026 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{757C4173-6457-48F5-898E-CF6A8E62287F}) (Version: 0.8.3.3026 - BlueStack Systems, Inc.)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.0.487 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - BR (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Free Sound Recorder v9.6.1 (HKLM\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Instalação do DivX (HKLM\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile PTB Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended PTB Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 pt-BR) (HKLM\...\Mozilla Firefox 32.0.3 (x86 pt-BR)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Noise Reduction Plug-In 2.0 (HKLM\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
Opera Stable 18.0.1284.49 (HKLM\...\Opera 18.0.1284.49) (Version: 18.0.1284.49 - Opera Software ASA)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0174 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Sound Forge Pro 10.0 (HKLM\...\{9660B18F-EC12-11DF-B006-0013D3D69929}) (Version: 10.0.491 - Sony)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Basic for Applications (R) Core - English (Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core - Portuguese (Brazil) (Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (Version: 6.4.99.69 - Microsoft Corporation) Hidden
WinAVI Video Converter 9.0 (HKLM\...\WinAVI Video Converter 9.09.0) (Version: 9.0 - WinAVI Video Converter 9.0)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
ZHPDiag 2014 (HKLM\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Lailane\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Lailane\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Lailane\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3690846425-4128786697-235807194-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Lailane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

==================== Restore Points =========================

01-10-2014 21:03:48 Backup do Windows
10-10-2014 13:05:10 Backup do Windows
10-10-2014 13:12:20 zoek.exe restore point
10-10-2014 15:34:58 Instalado Realtek Ethernet Controller Driver For Windows Vista aèw
10-10-2014 15:39:46 avast! antivirus system restore point
10-10-2014 16:08:01 Instalado REALTEK PCIE Wireless LAN Driver
10-10-2014 16:20:32 Removed Nero 7 Ultra Edition. Available with Windows Installer version 1.2 and later.
10-10-2014 16:39:37 ZHPFix Restore System Point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2014-10-10 10:13 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {043ADA78-EDF7-458E-93C3-1414A271039B} - System32\Tasks\RNUpgradeHelperLogonPrompt_Lailane => C:\Users\Lailane\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: {071BE571-4E1C-4C9D-A4A0-E3276A174C69} - System32\Tasks\ReclaimerUpdateXML_Lailane => C:\Users\Lailane\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: {10AB9E2B-D995-4355-B31F-0538BA2569C1} - \FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core No Task File <==== ATTENTION
Task: {18543E84-0C9F-4C84-9F6F-1BE07AF98E30} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-16] (Google Inc.)
Task: {2B07D0F5-FAF0-42B1-AD7F-9FBF6708B296} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-22] (Adobe Systems Incorporated)
Task: {2B42A081-52C0-470C-AE76-C30D22338896} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3690846425-4128786697-235807194-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3BEA3B38-AB56-4297-BDC9-463A30271930} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3690846425-4128786697-235807194-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {468328CA-67EE-47DB-B34A-6F9589930BCA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-10] (AVAST Software)
Task: {4FE54DF6-7868-4FC3-87CF-3EB22031E585} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5CAFC3E0-ADB0-4980-A4B9-999B195616C6} - \FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA No Task File <==== ATTENTION
Task: {79952180-0F08-48D9-9F0F-3B3EA27E69C1} - \Baidu Antivirus Update No Task File <==== ATTENTION
Task: {8E6CC002-2CA3-4DDE-AA05-F3B1DB119E39} - System32\Tasks\ReclaimerUpdateFiles_Lailane => C:\Users\Lailane\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: {CF17D82A-55F0-47CC-A93C-ACCF3FC1F268} - System32\Tasks\RNUpgradeHelperResumePrompt_Lailane => C:\Users\Lailane\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: {EE82D958-3D4F-4427-9B20-A103E7A7180A} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {F6D9B11A-3CEB-41EC-8A6C-1A45F523A572} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-16] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core.job => C:\Users\Lailane\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA.job => C:\Users\Lailane\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Lailane.job => C:\Users\Lailane\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Lailane.job => C:\Users\Lailane\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Lailane.job => C:\Users\Lailane\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2014-10-10 12:45 - 2014-10-10 12:45 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2013-11-16 13:34 - 2013-11-16 07:51 - 02141184 _____ () C:\Program Files\AVAST Software\Avast\defs\13111600\algo.dll
2014-01-21 11:17 - 2014-01-21 11:17 - 00541032 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll
2013-06-27 06:56 - 2013-06-27 06:56 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2014-10-10 12:45 - 2014-10-10 12:45 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-30 20:02 - 2014-09-24 02:09 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-22 10:25 - 2014-04-22 10:25 - 16351920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrador (S-1-5-21-3690846425-4128786697-235807194-500 - Administrator - Disabled)
Convidado (S-1-5-21-3690846425-4128786697-235807194-501 - Limited - Disabled)
Lailane (S-1-5-21-3690846425-4128786697-235807194-1000 - Administrator - Enabled) => C:\Users\Lailane

==================== Faulty Device Manager Devices =============

Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Controlador de aquisição de dados e processamento de sinal PCI
Description: Controlador de aquisição de dados e processamento de sinal PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/10/2014 03:29:12 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Serviço não pode ser iniciado. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
em BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
em System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (10/10/2014 01:57:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa firefox.exe versão 32.0.3.5379 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID de Processo: 16a0

Hora de Início: 01cfe4a8d503cb61

Hora de Término: 31

Caminho do Aplicativo: C:\Program Files\Mozilla Firefox\firefox.exe

Id do Relatório: 71358fa7-509e-11e4-b021-1078d26b1426

Error: (10/10/2014 01:39:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddWin32ServiceFiles: Unable to back up image of service PSafe Total since QueryServiceConfig API failed

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (10/10/2014 01:39:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary Quantum DeepScanner Servers.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (10/10/2014 01:39:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary HookPort.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (10/10/2014 01:39:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary EfiSystemMon.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (10/10/2014 01:39:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary BAPIDRV.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (10/10/2014 01:39:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..


Details:
AddLegacyDriverFiles: Unable to back up image of binary 360SelfProtection.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (10/10/2014 01:39:37 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.


Operação:
Obtendo Dados do Gravador

Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {d123c42a-b32d-4e94-96cc-6b86f5453c7b}

Error: (10/10/2014 01:31:45 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Serviço não pode ser iniciado. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
em BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
em System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (10/10/2014 03:31:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Intel(R) Dynamic Application Loader Host Interface Service devido ao seguinte erro:
%%2

Error: (10/10/2014 03:29:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço BlueStacks Android Service terminou com o erro:
%%1064

Error: (10/10/2014 01:37:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço PSafe Total foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (10/10/2014 01:33:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Intel(R) Dynamic Application Loader Host Interface Service devido ao seguinte erro:
%%2

Error: (10/10/2014 01:31:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço BlueStacks Android Service terminou com o erro:
%%1064

Error: (10/10/2014 01:31:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento anterior do sistema em 13:30:01 às ‎10/‎10/‎2014 não era esperado.

Error: (10/10/2014 01:28:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Intel(R) Dynamic Application Loader Host Interface Service devido ao seguinte erro:
%%2

Error: (10/10/2014 01:26:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço BlueStacks Android Service terminou com o erro:
%%1064

Error: (10/10/2014 01:15:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Intel(R) Dynamic Application Loader Host Interface Service devido ao seguinte erro:
%%2

Error: (10/10/2014 01:13:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço BlueStacks Android Service terminou com o erro:
%%1064


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 42%
Total physical RAM: 3176.5 MB
Available physical RAM: 1842.11 MB
Total Pagefile: 6351.29 MB
Available Pagefile: 4936.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.56 GB) (Free:12.23 GB) NTFS
Drive d: (Disco Local) (Fixed) (Total:195.31 GB) (Free:54.23 GB) NTFS
Drive e: () (Fixed) (Total:195.79 GB) (Free:194.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 23ADC27F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=74.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 16:11

Good afternoon, luizvilarinho!

> Copy the information shown in red into Notepad.
> Save it with the name fixlist.txt.
> Save it on the desktop!

start
AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6}
AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
(Baidu, Inc.) C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe
(Baidu, Inc.) C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe
HKLM\...\Run: [Baidu Antivirus] => "C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll (Baidu, Inc.)
R2 BAVSvc; C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe [1923376 2014-01-21] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe [459416 2014-01-21] (Baidu, Inc.)
S2 jhi_service; "C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [X]
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
U3 BdApiUtil; C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [112896 2014-01-03] (Baidu, Inc.)
U3 BdCameraProtect; C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys [19168 2014-01-21] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [43840 2014-01-21] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [27456 2014-01-21] (Baidu, Inc.)
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [71328 2014-01-21] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [135488 2014-01-21] (Baidu, Inc.)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RTWlanE; system32\DRIVERS\rtwlane.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
2014-10-10 13:39 - 2014-10-10 13:39 - 00003048 _____ () C:\Users\Lailane\Desktop\ZHPFixReport.txt
2014-10-10 13:38 - 2014-10-10 13:38 - 00000000 _____ () C:\Users\Lailane\Desktop\ZHPFIX.txt
2014-10-10 13:13 - 2014-10-10 13:13 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu
2014-10-10 13:13 - 2014-10-10 13:13 - 00000000 ____D () C:\ProgramData\Baidu
2014-10-10 12:10 - 2014-10-10 12:10 - 00031415 _____ () C:\Users\Lailane\Desktop\ZHPDiag.txt
2014-10-10 12:07 - 2014-10-10 13:39 - 00000000 ____D () C:\Users\Lailane\AppData\Roaming\ZHP
2014-10-10 12:07 - 2014-10-10 12:07 - 00001933 _____ () C:\Users\Lailane\Desktop\ZHPFix.lnk
2014-10-10 12:07 - 2014-10-10 12:07 - 00001806 _____ () C:\Users\Lailane\Desktop\ZHPDiag.lnk
2014-10-10 12:07 - 2014-10-10 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-10-10 12:07 - 2014-10-10 12:07 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-10-10 12:06 - 2014-08-23 08:25 - 06859520 _____ (Nicolas Coolman ) C:\Users\Lailane\Desktop\ZHPDiag2.exe
2014-10-10 11:59 - 2014-10-10 11:59 - 00001116 _____ () C:\Users\Lailane\Desktop\JRT.txt
2014-10-10 11:47 - 2014-10-10 11:47 - 00016577 _____ () C:\Users\Lailane\Desktop\AdwCleaner[S0].txt
2014-10-10 11:41 - 2014-10-10 11:41 - 00039810 _____ () C:\Users\Lailane\Desktop\zoek-results.txt
2014-10-10 11:39 - 2014-10-10 15:27 - 00079818 _____ () C:\Windows\PFRO.log
2014-10-10 11:30 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-10 10:09 - 2014-10-10 11:39 - 00000000 ____D () C:\zoek_backup
2014-10-10 10:09 - 2014-07-16 10:00 - 01016261 _____ (Thisisu) C:\Users\Lailane\Desktop\JRT.exe
2014-10-10 10:09 - 2014-07-16 04:32 - 04243371 _____ () C:\Users\Lailane\Desktop\zoek.rar
2014-10-10 10:09 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Lailane\Desktop\zoek.scr
2014-10-10 10:09 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Lailane\Desktop\zoek.pif
2014-10-10 10:09 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Lailane\Desktop\zoek.com
2014-10-10 13:28 - 2013-11-02 01:01 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA.job
2014-10-10 13:28 - 2013-11-02 01:01 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core.job
2014-09-14 15:26 - 2014-04-22 11:54 - 00000000 ____D () C:\Program Files\PSafe
Task: {10AB9E2B-D995-4355-B31F-0538BA2569C1} - \FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core No Task File <==== ATTENTION
Task: {5CAFC3E0-ADB0-4980-A4B9-999B195616C6} - \FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA No Task File <==== ATTENTION
Task: {79952180-0F08-48D9-9F0F-3B3EA27E69C1} - \Baidu Antivirus Update No Task File <==== ATTENTION
Task: {EE82D958-3D4F-4427-9B20-A103E7A7180A} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
2014-01-21 11:17 - 2014-01-21 11:17 - 00541032 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
end


> Run FRST/FRST64 >> Click "Fix". << Wait!
> Post the report! (Fixlog.txt)

A+

Re: PC with Baidu and other pests

Post by luizvilarinho on Fri 10 Oct 2014, 16:25

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-10-2014 01
Ran by Lailane at 2014-10-10 16:21:04 Run:1
Running from C:\Users\Lailane\Desktop
Loaded Profile: Lailane (Available profiles: Lailane)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6}
AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B}
(Baidu, Inc.) C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe
(Baidu, Inc.) C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe
HKLM\...\Run: [Baidu Antivirus] => "C:\Program Files\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files\Baidu Security\Baidu Antivirus\BavShx.dll (Baidu, Inc.)
R2 BAVSvc; C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe [1923376 2014-01-21] (Baidu, Inc.)
R2 BHipsSvc; C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe [459416 2014-01-21] (Baidu, Inc.)
S2 jhi_service; "C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [X]
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
U3 BdApiUtil; C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [112896 2014-01-03] (Baidu, Inc.)
U3 BdCameraProtect; C:\Program Files\Baidu Security\Baidu Antivirus\BdCameraProtect.sys [19168 2014-01-21] (Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [43840 2014-01-21] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [27456 2014-01-21] (Baidu, Inc.)
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [71328 2014-01-21] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [135488 2014-01-21] (Baidu, Inc.)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RTWlanE; system32\DRIVERS\rtwlane.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
2014-10-10 13:39 - 2014-10-10 13:39 - 00003048 _____ () C:\Users\Lailane\Desktop\ZHPFixReport.txt
2014-10-10 13:38 - 2014-10-10 13:38 - 00000000 _____ () C:\Users\Lailane\Desktop\ZHPFIX.txt
2014-10-10 13:13 - 2014-10-10 13:13 - 00000000 ____D () C:\Users\Todos os Usuários\Baidu
2014-10-10 13:13 - 2014-10-10 13:13 - 00000000 ____D () C:\ProgramData\Baidu
2014-10-10 12:10 - 2014-10-10 12:10 - 00031415 _____ () C:\Users\Lailane\Desktop\ZHPDiag.txt
2014-10-10 12:07 - 2014-10-10 13:39 - 00000000 ____D () C:\Users\Lailane\AppData\Roaming\ZHP
2014-10-10 12:07 - 2014-10-10 12:07 - 00001933 _____ () C:\Users\Lailane\Desktop\ZHPFix.lnk
2014-10-10 12:07 - 2014-10-10 12:07 - 00001806 _____ () C:\Users\Lailane\Desktop\ZHPDiag.lnk
2014-10-10 12:07 - 2014-10-10 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2014-10-10 12:07 - 2014-10-10 12:07 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-10-10 12:06 - 2014-08-23 08:25 - 06859520 _____ (Nicolas Coolman ) C:\Users\Lailane\Desktop\ZHPDiag2.exe
2014-10-10 11:59 - 2014-10-10 11:59 - 00001116 _____ () C:\Users\Lailane\Desktop\JRT.txt
2014-10-10 11:47 - 2014-10-10 11:47 - 00016577 _____ () C:\Users\Lailane\Desktop\AdwCleaner[S0].txt
2014-10-10 11:41 - 2014-10-10 11:41 - 00039810 _____ () C:\Users\Lailane\Desktop\zoek-results.txt
2014-10-10 11:39 - 2014-10-10 15:27 - 00079818 _____ () C:\Windows\PFRO.log
2014-10-10 11:30 - 2014-02-13 23:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-10 10:09 - 2014-10-10 11:39 - 00000000 ____D () C:\zoek_backup
2014-10-10 10:09 - 2014-07-16 10:00 - 01016261 _____ (Thisisu) C:\Users\Lailane\Desktop\JRT.exe
2014-10-10 10:09 - 2014-07-16 04:32 - 04243371 _____ () C:\Users\Lailane\Desktop\zoek.rar
2014-10-10 10:09 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Lailane\Desktop\zoek.scr
2014-10-10 10:09 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Lailane\Desktop\zoek.pif
2014-10-10 10:09 - 2014-07-14 15:11 - 01417360 _____ () C:\Users\Lailane\Desktop\zoek.com
2014-10-10 13:28 - 2013-11-02 01:01 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA.job
2014-10-10 13:28 - 2013-11-02 01:01 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core.job
2014-09-14 15:26 - 2014-04-22 11:54 - 00000000 ____D () C:\Program Files\PSafe
Task: {10AB9E2B-D995-4355-B31F-0538BA2569C1} - \FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core No Task File <==== ATTENTION
Task: {5CAFC3E0-ADB0-4980-A4B9-999B195616C6} - \FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA No Task File <==== ATTENTION
Task: {79952180-0F08-48D9-9F0F-3B3EA27E69C1} - \Baidu Antivirus Update No Task File <==== ATTENTION
Task: {EE82D958-3D4F-4427-9B20-A103E7A7180A} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
2014-01-21 11:17 - 2014-01-21 11:17 - 00541032 _____ () C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
end
*****************

AV: Baidu Antivirus (Enabled - Up to date) {10616E6C-0E20-8594-D377-A7D03F6128A6} => The item is protected. Make sure the software is uninstalled and its services are removed.
AS: Baidu Antivirus (Enabled - Up to date) {AB008F88-281A-8A1A-E9C7-9CA244E6621B} => The item is protected. Make sure the software is uninstalled and its services are removed.
C:\Program Files\Baidu Security\Baidu Antivirus\BAVSvc.exe => Failed to close process.
C:\Program Files\Baidu Security\Baidu Antivirus\BHipsSvc.exe => Failed to close process.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Baidu Antivirus => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock" => Key deleted successfully.
"HKCR\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}" => Key deleted successfully.
BAVSvc => Service stopped successfully.
BAVSvc => Service deleted successfully.
BHipsSvc => Unable to stop service
BHipsSvc => Service deleted successfully.
jhi_service => Service deleted successfully.
NMIndexingService => Service deleted successfully.
BdApiUtil => Service deleted successfully.
BdCameraProtect => Service deleted successfully.
Bfilter => Unable to stop service
Bfilter => Service deleted successfully.
Bfmon => Unable to stop service
Bfmon => Service deleted successfully.
Bhbase => Unable to stop service
Bhbase => Service deleted successfully.
Bprotect => Unable to stop service
Bprotect => Service deleted successfully.
RSUSBSTOR => Service deleted successfully.
RTWlanE => Service deleted successfully.
ZTEusbmdm6k => Service deleted successfully.
ZTEusbnmea => Service deleted successfully.
ZTEusbser6k => Service deleted successfully.
C:\Users\Lailane\Desktop\ZHPFixReport.txt => Moved successfully.
C:\Users\Lailane\Desktop\ZHPFIX.txt => Moved successfully.
C:\Users\Todos os Usuários\Baidu => Moved successfully.
"C:\ProgramData\Baidu" => File/Directory not found.
C:\Users\Lailane\Desktop\ZHPDiag.txt => Moved successfully.
C:\Users\Lailane\AppData\Roaming\ZHP => Moved successfully.
C:\Users\Lailane\Desktop\ZHPFix.lnk => Moved successfully.
C:\Users\Lailane\Desktop\ZHPDiag.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP => Moved successfully.
C:\Program Files\ZHPDiag => Moved successfully.
C:\Users\Lailane\Desktop\ZHPDiag2.exe => Moved successfully.
C:\Users\Lailane\Desktop\JRT.txt => Moved successfully.
C:\Users\Lailane\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Users\Lailane\Desktop\zoek-results.txt => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Lailane\Desktop\JRT.exe => Moved successfully.
C:\Users\Lailane\Desktop\zoek.rar => Moved successfully.
C:\Users\Lailane\Desktop\zoek.scr => Moved successfully.
C:\Users\Lailane\Desktop\zoek.pif => Moved successfully.
C:\Users\Lailane\Desktop\zoek.com => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core.job => Moved successfully.
C:\Program Files\PSafe => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10AB9E2B-D995-4355-B31F-0538BA2569C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10AB9E2B-D995-4355-B31F-0538BA2569C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000Core" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CAFC3E0-ADB0-4980-A4B9-999B195616C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CAFC3E0-ADB0-4980-A4B9-999B195616C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-3690846425-4128786697-235807194-1000UA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79952180-0F08-48D9-9F0F-3B3EA27E69C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79952180-0F08-48D9-9F0F-3B3EA27E69C1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu Antivirus Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EE82D958-3D4F-4427-9B20-A103E7A7180A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE82D958-3D4F-4427-9B20-A103E7A7180A}" => Key deleted successfully.
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => Key deleted successfully.
C:\Program Files\Baidu Security\Baidu Antivirus\sqlite.dll => Moved successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\BavSvc" => Key deleted successfully.


The system needed a reboot.

==== End of Fixlog ====

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 16:35

Good afternoon, luizvilarinho!

> Download: < [You need to be registered and logged in to see this link.] > ( ... by techsupportall.com )
> Save it on the desktop!

> Run the file Adware-Removal-Tool-v3.5.exe <<

> Start the scan by clicking Scan.

> When the prescan finishes, click OK.
> PS: Each tab will show what will be removed!

> Click "Next" >> Wait!

< Computer >> Windows (C:) >> Program Files >> Adware-Removal-Tool >> Reports >> Repair_Logs_2014_10_dia_h_min_seg.txt <<

> Post the report!

Regards!

Re: PC with Baidu and other pests

Post by luizvilarinho on Fri 10 Oct 2014, 17:05

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2014_10_10_16_55_30
OS: Windows 7 - 32 Bit
Account Name: Lailane
U0L0S8

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\Users\Lailane\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\http_videodownloadconverter.dl.tb.ask.com_0.localstorage
Deleted - File - C:\Users\Lailane\Appdata\Roaming\Microsoft\Windows\Cookies\lailane@conduit-data[1].txt
Deleted - File - C:\Users\Lailane\Appdata\Roaming\Microsoft\Windows\Cookies\lailane@babylon[2].txt
Deleted - RegistryValue - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION:snapdo.exe
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\lailane\appdata\local\smartbar\common\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\lailane\appdata\local\smartbar\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\lailane\appdata\local\smartbar\common\iconswide\
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\Folders:c:\users\lailane\appdata\local\smartbar\application\

\\ Finished

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 17:15

Good afternoon, luizvilarinho!

> Download: |[You need to be registered and logged in to see this link.]| ( ... by Xplode )

> On the page, click Download Now
> Save it in a convenient location! ( desktop! )
> Close any applications that are open.

> With the boxes checked, click Run!
> Restart the computer!
> Everything OK?

A+

Re: PC with Baidu and other pests

Post by luizvilarinho on Fri 10 Oct 2014, 17:19

I saw that Baidu is still installed on the PC; should I remove it through Programs and Features?

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 17:23

luizvilarinho wrote: I saw that Baidu is still installed on the PC; should I remove it through Programs and Features?
Good afternoon, luizvilarinho!


> Those are invalid leftovers, which can be removed manually or by whichever means you prefer.

A+

Re: PC with Baidu and other pests

Post by luizvilarinho on Fri 10 Oct 2014, 19:08

Every now and then I get a notification from the Security Center to activate Baidu Antivirus; is there any procedure to be carried out?

I used Revo Uninstaller and I think I managed to remove this Baidu.

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 19:23


  • Good evening, luizvilarinho!

  • Download: < [You need to be registered and logged in to see this link.] > ( ... by Swearware )
  • Save it on the desktop!
  • PS: Disable your antivirus, antispyware and/or firewall. ( Except the Windows one! )
  • Close any program/file that is open.
  • Also close your browser! ( IE, Firefox, Opera or Google Chrome )
  • PS: Be connected to the Internet. << Important!
  • You must be logged on to the system with administrator privileges.
  • Run ComboFix.exe with a double click.

  • If any error message appears, run ComboFix.exe in Safe Mode with Networking.
  • PS: To complete the removals, the tool may need to restart the computer.
  • The Auto Scan window will open.
  • Wait for all the stages to finish.
  • During the scan, avoid using the mouse or keyboard!
  • When it finishes, post: C:\ComboFix.txt
    "Tentativa de operaçao ilegal em uma chave do Registro marcada para exclusão."

  • If this error occurs, just restart the computer!
  • "ComboFix is a tool that can damage the system. Use it only under the supervision of security analysts."

  • Regards!

Re: PC with Baidu and other pests

Post by luizvilarinho on Fri 10 Oct 2014, 19:27

Is it really necessary to use ComboFix, since it can damage the system, and I have already removed Baidu and deleted its folder along with its keys in regedit?

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 19:41

luizvilarinho wrote: Is it really necessary to use ComboFix, since it can damage the system, and I have already removed Baidu and deleted its folder along with its keys in regedit?
Hello!

You can abort, since I had not seen your edit to the post about Revo Uninstaller.
Everything OK?

A+

Re: PC with Baidu and other pests

Post by luizvilarinho on Fri 10 Oct 2014, 19:49

So everything is resolved; we can close the topic.
Thank you!

Re: PC with Baidu and other pests

Post by joram on Fri 10 Oct 2014, 19:51

Case Resolved

If the topic's author needs it, the topic will be reopened; to do so, they should contact one of the members of the [You need to be registered and logged in to see this link.] and request that it be unlocked.
