Fórum PC Brasil
Gostaria de reagir a esta mensagem? Crie uma conta em poucos cliques ou inicie sessão para continuar.

Implementa recursos de segurança e limpeza ao computador!

Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking reddit      

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14810 usuários registrados
O último membro registrado é Josevinil

Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Últimos assuntos
» Problema no disco rígido do Windows 11
por joram Seg 01 Abr 2024, 06:35

Quem está conectado?
5 usuários online :: 0 registrados, 0 invisíveis e 5 visitantes

Nenhum

O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
 
 

Resultados por:
 

Rechercher Pesquisa avançada

Top dos mais postadores
Power Max
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
joram
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
Wings [In Memoriam]
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
caedurodrigues
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
Amigo Brasileiro
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
luizvilarinho
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
Danii
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
Admin
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
Danilo Marsaro
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 
Andreata
Notebook Toshiba L675-S7133 - Trancando Vote_lcapNotebook Toshiba L675-S7133 - Trancando Voting_barNotebook Toshiba L675-S7133 - Trancando Vote_rcap 

maio 2024
SegTerQuaQuiSexSábDom
  12345
6789101112
13141516171819
20212223242526
2728293031  

Calendário Calendário

Palavras-chaves

game  SISPNCD  2025  flash  teclado  video  desinstalar  mcafee  placa  2015  instalação  impressora  excluir  PARA  áudio  deletar  virus  popup  pessoas  vídeos  player  SOFTWARE  notebook  2013  windows  adobe  


Notebook Toshiba L675-S7133 - Trancando

2 participantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

Página 1 de 3 1, 2, 3  Seguinte

Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Sáb 13 Dez 2014, 11:50

Já passei todos programas conhecidos de antivirus, malwarez, ccleaner, etc.
O Tuneup identificou a falta do Driver BAPIDRV, mas não consigo localizá-lo para baixar.
A seguir relatório do

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:43:40, on 13/12/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\baidu\Spark\spark.exe
C:\Program Files (x86)\baidu\Spark\spark.exe
C:\Program Files (x86)\baidu\Spark\spark.exe
C:\Program Files (x86)\baidu\Spark\spark.exe
C:\Program Files (x86)\baidu\Spark\spark.exe
C:\Program Files (x86)\baidu\Spark\spark.exe
C:\Program Files (x86)\baidu\Spark\spark.exe
C:\Program Files (x86)\baidu\Spark\spark.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Users\Sergio\Downloads\HijackThis.exe
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\ReportCommRetry.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKLM\..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] "C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe" -auto -start
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: bankline.itau.com.br
O15 - Trusted Zone: clickbanking.itau.com.br
O15 - Trusted Zone: guardiao.itau.com.br
O15 - Trusted Zone: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O15 - Trusted Zone: *.itau.com.br
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4A98000-5D54-4764-AF70-9E2FFC29E3DB}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Baidu MoboMarket Service (BASSVC) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe
O23 - Service: Baidu Antivirus Service (BavSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: Baidu System Repair Tool Service (BsrSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavAdvTools\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Unknown owner - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Baidu Spark Service (SparkSvc) - Baidu Inc. - C:\Program Files (x86)\baidu\Spark\sparkservice.exe
O23 - Service: Baidu Spark Updater (SparkUpdater) - Baidu.com, Inc. - C:\Program Files (x86)\Baidu\SparkUpdate\Sparkupdate.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 9968 bytes
Grato
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por joram Sáb 13 Dez 2014, 13:04

/!\ Bom Dia! binalima /!\

> Desinstale: C:\Program Files (x86)\Baidu Security\Baidu Antivirus <<
> Desinstale: C:\Program Files (x86)\baidu\Spark <<
> Desinstale: C:\Program Files (x86)\Spybot - Search & Destroy <<

> Após desinstalar estes softwares,poste novo log do HijackThis.

A+
joram
joram
Administrador
Administrador

Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 00:32

OK.
Desinstalado Baidu Antivírus, Spark, Spybot-Search & Desttroy e também Baidu Pc Faster.

Novo log do HijackThis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:24:50, on 14/12/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Sergio\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4A98000-5D54-4764-AF70-9E2FFC29E3DB}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify:  GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Baidu MoboMarket Service (BASSVC) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Unknown owner - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Baidu Spark Service (SparkSvc) - Baidu Inc. - C:\Program Files (x86)\baidu\Spark\sparkservice.exe
O23 - Service: Baidu Spark Updater (SparkUpdater) - Baidu.com, Inc. - C:\Program Files (x86)\Baidu\SparkUpdate\Sparkupdate.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 8042 bytes
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por joram Dom 14 Dez 2014, 10:58

Bom Dia! binalima

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Smeenk )

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >

> Salve-o ao desktop!
> Desabilite seu antivírus!
> Para Windows 7,execute zoek.exe como administrador.

emptyfolderscheck;delete
autoclean;
emptytemp;
Baidu;a
Baidu;z 

> Copie e cole estas informações,que estão em vermelho,no campo da ferramenta.
> Clique "Run Script". 

Zoek.exe is running now. 
Do not start any browser windows, they will be closed automatically. 
Please wait! This window will close when finished. 
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
> Surgirão informações,pedindo-lhe que aguarde o surgimento do relatório.
> Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Confirme o reboot!

zoek.hta failed by unknown error.
Restart computer, and try again.
> Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
> Poste o relatório,que estará em C:\zoek-results.txt << 

A+
joram
joram
Administrador
Administrador

Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 13:26

Não consigo enviar...

A largura da sua mensagem ultrapassa o limite autorizado.
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 13:29

Envio em 2 partes.



Zoek.exe v5.0.0.0 Updated 12-December-2014
Tool run by Sergio on 14/12/2014 at 11:16:25,58.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Sergio\Desktop\zoek.exe.com [Scan all users] [Script inserted]

==== System Restore Info ======================

14/12/2014 11:24:08 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\DeltaFix deleted successfully
C:\PROGRA~2\DivX deleted successfully
C:\PROGRA~2\MediaPlayerplus deleted successfully
C:\PROGRA~2\SlimDrivers deleted successfully
C:\PROGRA~2\TOSHIBA Corporation deleted successfully
C:\Program Files\BsPlayer 2.67 deleted successfully
C:\Program Files\Easeware deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Logs deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Trusted Publisher deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted successfully
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
C:\Users\Sergio\AppData\Roaming\DigitalSites deleted successfully
C:\Users\Sergio\AppData\Roaming\HpUpdate deleted successfully
C:\Users\Sergio\AppData\Roaming\Opera Software deleted successfully
C:\Users\Sergio\AppData\Roaming\Panda Security deleted successfully
C:\Users\Sergio\AppData\Roaming\tor deleted successfully
C:\Users\Sergio\AppData\Local\MigWiz deleted successfully
C:\Users\Sergio\AppData\Local\Opera Software deleted successfully
C:\Users\Sergio\AppData\Local\Secunia PSI deleted successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13FAB82D-5EC8-4F11-B946-256B94CFC8B6} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{148879A-FBDD-4C2E-9BAF-D9BFA76F96C} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BFA6B9B-14AE-408E-BE24-C041E8E283C6} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21FC56F6-DA7C-4D31-A0EE-DB7B5B7C7D5} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24485923-9537-4A58-99B2-7CBFAAA68E83} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24FE0908-8BAB-4E9A-AC4E-3688BFAA45AD} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27EFBE35-BFC8-44B5-AEBC-6ABEB55145B7} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E45CAB6-AF7-4418-B754-7BCE10D7FEC7} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{317E1600-916F-457F-8C7E-809DA7449B75} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31DF4434-B66E-4B86-846E-6CAEEC4930FD} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{335403D6-5A90-40D8-88D2-9AF43FE72DD0} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{341A3058-D878-4655-96CE-31AEAACF711A} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36DA050D-2E2E-4901-9821-6BB2322BFB91} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{389AE3B5-63D3-470B-8021-EB7090E225E} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DE9D402-162-497E-BB88-DBE6A55BF4} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DEF735E-1D27-49FD-8E1A-54F6AEADB861} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FF5CF2B-10B2-4B88-9AA6-A6BFF6B42D7} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4261DFDA-3D20-45CC-899B-5B2B43C9A3EA} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42DEDA28-465B-4DF3-A73C-3858387A8A9} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4541F0D1-C768-45FD-98C6-1037C3F9CA5D} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45B0E022-FB8A-496E-AF36-8E74789BBAA4} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A07E411-4E1E-4FA0-B69C-E4CDBBDA8C75} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B3B3385-F2F0-481E-B7C-623E27D9AA1} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E3504EA-B7EA-4AF1-8625-FF4D4F233B3} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F0D8F71-225-405E-A279-7AACC3E4F054} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FEF13D5-9CD-46F2-B46E-5918866E4443} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{584EBCAA-29D7-4DD5-9766-1C924B5835E} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58B45D29-1A9E-42C4-9AA6-86D517C47DEB} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CE25479-DFE4-41CC-AC5E-AA343F5B29F2} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EC90073-A7B8-4E98-AC66-14CA5B72C947} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FF2848C-DEAF-4458-A7B3-AAB5AF8A4F53} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60985BFA-AB5B-4D18-A551-2D3CBCD2F75} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{620DD268-3772-4F67-9081-DF9CC2873166} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62942378-1190-4B9B-9B7B-5EA7B4555AA2} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6376062F-FE84-4F49-85D5-78405DF32295} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63E35B8C-E23A-493D-ACB8-FB625873AA4} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{665EE6FC-9B52-48A3-8C5F-E8F2454FE221} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67974588-BF4B-4B1A-8327-D9B51271B567} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6ED61799-D3BB-4C81-9EC4-728DCF3D56EA} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7036F21F-3842-4EB3-9DC6-57F3C4CCAAD6} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{715B9BC7-C91A-402E-ACA-1C2A20DDAAB8} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74E04339-5515-4A9F-BC8E-2DDB82B5447F} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78431D61-C8DD-4F3D-9AD3-63209ECFF37E} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A60FE52-5587-4780-A554-11E5C8AB8EA} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BA74A20-9524-43BF-80EA-4C96BA2C6D3D} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D6915C-382-4DD1-A1EC-2E472A29118} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FC8DE51-AE4F-4171-BCE2-EC31527C6754} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{809E0F34-4846-4929-9A54-8F35AE818A64} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81177C5F-2796-4394-A0E8-A9F9DDE1E1E} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{830E5605-AFF7-4267-A9E7-55795B7BF9BB} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8351245B-8F7A-4DE6-9B6-CD482369BEA8} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A61AE76-938B-428A-81D-2E66A61CFA3A} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AD6DF19-64B7-4D7A-8919-9F2523EA9D7} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F19A53E-24A0-4FD5-B14D-77621D926823} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9052C3A9-1704-4608-A473-947A552E848E} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9230D859-E18F-401B-9B81-59CE3E964868} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{930C98D0-5005-40A5-AFAD-84AE113FBEC8} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{933370C4-2E33-4289-8A47-46B265FF96CC} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96F82FE0-A459-4CA7-87CD-7EEC3C41BD2D} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{979C386-92FC-4A02-A8B8-C2E5B8E17BA6} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D4E0D22-CA7E-42E1-A277-D9DC7C229712} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A032296D-3FB2-4DB7-B7F5-F6DF4C15BC33} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2472BC0-B0C1-4F70-88BD-8260E2103791} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2E73522-FB1-48C6-AB69-528A46FD35E5} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6008182-CCD2-4575-A4D4-65BC86D91CC3} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7724A01-122A-4550-87CE-4997949C76F} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A895CA5-51FD-4051-94B1-A36287C5ECF7} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAC83DC7-410D-4164-8E18-53CA3594F2F1} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABB717D9-2E11-4820-9E26-BD9E4E217D6E} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACC51B41-1870-43E3-83C7-4CCF7E981D82} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B22B5AAF-FCD1-43B7-9481-A4B2709D29FA} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B23476DC-99CA-4597-BACB-3231D2BF86CB} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2F93BF0-282-4142-9CF5-6D56F39DF667} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4B1FBBB-21F4-4CFB-956F-8D5444AE7A96} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5F8BB2A-2CD8-41B0-BDC8-F5ACFA31F8FD} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B62B6BD-5005-43CC-AEAA-7064D0A79813} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B63243A9-F314-4730-8DB-AD78BB93ACFC} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B658DAF-EACD-4405-8C6C-60D3C388757B} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6EADF50-41BF-4CD1-997-C8FF60606D9C} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B81F41CA-D162-4D3A-B822-5D20DECF3418} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8DBFE6F-5CA5-4CD6-A2A4-520BAD997229} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC7C099F-16F2-4985-924E-F1615E70161F} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD695952-2CC4-4EDA-B0B1-4EA7F923852E} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFCEA2A9-A534-419E-B98A-F1A35C1E72A5} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C82ED410-19C3-4E6F-9BBC-1322E26EF74B} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBDD3EA8-651D-408B-A8A7-E1A9DA16AEA} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D007E921-104D-49FA-8C5B-4F19CBC0BD5B} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D08B615A-DAC2-48FA-8BE-528C7D3BA1FE} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D2434D6-8560-445F-B99E-CF8F1BF02F9F} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D992CE79-FE67-4801-8DAE-F586DE37EC23} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC180AF3-F219-42C7-A2D6-DBABA7219C} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCC61FD7-B89A-4A66-BB10-FA88E4C8F199} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFB7EEF1-569E-4F35-A5A-38D892931110} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E00F0C62-BB09-48E7-8CFD-72669CF03E96} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0828B4D-9E56-4EC5-BA41-E732B9C1EDEB} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E09C24CA-D37D-4017-A06D-AD8DDBD56C5D} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1979062-EDC-494F-9BDA-3AEA7C227B3} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2E59EE1-4F3F-4E45-8AC1-45C46662EDB4} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E65A8753-1949-49A9-B831-1A5E4EBBB6B4} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E69399E3-A6C4-4475-A7D-B728BB9E802C} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ECAB1739-F5CB-4546-B57B-6A54E30645} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2B57367-D4CE-4835-8F83-3BECDD86571} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F32DD5E0-1264-4B69-BDA0-162CF621792} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F594ABE-1CC9-4A99-B92D-3FD27E9D5858} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5A10540-8355-47ED-A338-9CEEB09494BD} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F82B61A9-515A-4699-AD1E-6B817A8715B5} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F875DA3A-112F-4260-BC5C-615932C85F51} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA8CC3ED-EB9A-442A-903-147D794D1E69} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBDB1262-50C9-4588-8E52-59B4B14E5878} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDA1AF1C-2C5F-49D3-8888-434EE4863A2} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\PROGRA~3\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} not found
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found
C:\PROGRA~3\Tbccint deleted
C:\PROGRA~3\DivX deleted
C:\Users\Sergio\AppData\LocalLow\Tbccint deleted
C:\Users\Sergio\.android deleted
C:\PROGRA~2\baidu deleted
C:\PROGRA~2\ParetoLogic deleted
C:\PROGRA~2\globalUpdate deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\Users\Sergio\AppData\Roaming\WB.CFG deleted
C:\Users\Sergio\AppData\Roaming\Activeris deleted
C:\Users\Sergio\AppData\Roaming\burnaware.ini deleted
C:\Users\Sergio\AppData\Roaming\aps.uninstall.scan.results deleted
C:\Users\Sergio\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z deleted
C:\Users\Sergio\AppData\Roaming\Baidu deleted
C:\Users\Sergio\AppData\Roaming\SpeedAnalysis4 deleted
C:\Users\Sergio\AppData\Roaming\ParetoLogic deleted
C:\Users\Sergio\AppData\Roaming\DriverCure deleted
C:\Users\Sergio\AppData\Roaming\systweak deleted
C:\Users\Sergio\AppData\Roaming\Claro deleted
C:\PROGRA~3\Duplicaterecord.js deleted
C:\PROGRA~3\Conduit deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Avg_Update_0614t deleted
C:\PROGRA~3\Avg_Update_0814av deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\ParetoLogic deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Baidu deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Sergio\AppData\Local\globalUpdate deleted
C:\Users\Sergio\AppData\Local\com deleted
C:\Users\Sergio\AppData\Local\cache deleted
C:\Users\Sergio\AppData\Local\CrashRpt deleted
C:\windows\SysNative\roboot64.exe deleted
C:\windows\SysNative\Tasks\SystemSockets deleted
C:\windows\SysNative\Tasks\Browser Updater deleted
C:\Users\Sergio\Downloads\DeviceDoctor_Bundle.exe deleted
C:\Users\Sergio\Downloads\bsplayer.exe deleted
C:\Users\Sergio\AppData\LocalLow\ADSRemoval deleted
C:\Users\Sergio\AppData\LocalLow\SimplyTech deleted
C:\windows\wininit.ini deleted
C:\windows\SysNative\tasks\060184C3-9766-46a0-B258-F4518A0B2633 deleted
C:\windows\SysNative\tasks\ProtectedSearch deleted
C:\windows\Launcher.exe deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Sergio\AppData\Roaming\unins000.exe deleted
C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\adremoveext@adremoveext.net deleted
"C:\Users\Sergio\AppData\Roaming\xx" deleted
"C:\Users\Sergio\AppData\Roaming\xx2" deleted
"C:\PROGRA~3\5a516b1e03dda36c\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted
"C:\PROGRA~3\5a516b1e03dda36c\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141029091655" deleted
"C:\PROGRA~3\5a516b1e03dda36c\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141029091734" deleted
"C:\PROGRA~3\5a516b1e03dda36c" deleted

==== Folders Found ======================

2014-02-19 19:54:00 2014-08-14 15:01:35 -------- d-----w- C:\BaiduDownloads
2014-02-17 20:58:56 2014-02-17 20:58:56 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2013-08-24 15:35:04 2014-12-14 02:23:15 -------- d-----w- C:\Program Files (x86)\Baidu Security
2013-10-10 15:38:52 2014-12-14 01:11:29 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2013-08-24 15:35:27 2014-11-07 12:15:31 -------- d-----w- C:\ProgramData\Baidu Security
2013-08-24 15:35:27 2014-11-07 12:15:31 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-07 18:38:29 2014-04-07 18:38:29 -------- d-----w- C:\Users\Public\Documents\Baidu
2013-08-24 15:34:56 2014-12-14 02:23:25 -------- d-----w- C:\Users\Public\Documents\Baidu Security
2014-12-09 15:25:18 2014-12-09 15:25:18 -------- d-----w- C:\Users\Sergio\AppData\Local\Temp\Baidu
2013-08-24 15:34:55 2014-12-14 02:23:11 -------- d-----w- C:\Users\Sergio\AppData\Roaming\Baidu Security
2014-06-26 12:22:16 2014-06-26 12:22:16 -------- d-----w- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Baidu Security

==== Files Found ======================


--- C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\Data\Temp\com.baidu.browser.inter75.apk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 5032553
Created time: 2014-11-08 11:11:20
Modified time: 2014-11-26 19:40:39
MD5: 1943415199062BBC23E36B9898CD3595
SHA1: 2340431108DDDCE88F020BAFB643643E4862492C


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Baidu.Hao123-0000.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1923
Created time: 2014-06-26 12:56:02
Modified time: 2014-06-26 12:56:02
MD5: 77266CA91F3C11E9D4533316C92CCE4D
SHA1: 6918896714BB7D63996D6D0A4C5D455BB8285CEE


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0000.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2580
Created time: 2013-12-29 14:32:40
Modified time: 2013-12-29 14:32:40
MD5: 2D3A5D4CDB63135DCE579A4C10627F8F
SHA1: 5F27BBB6CD0DDC39456F904CD819B5932B60CDAC


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0001.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2303
Created time: 2014-02-19 19:37:31
Modified time: 2014-02-19 19:37:31
MD5: 05BCD16A56216F3E482E36BBBF1B70CF
SHA1: FF4BE0C6FD47EB323C4221605CF283356A6695F3


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0002.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2355
Created time: 2014-02-27 13:12:45
Modified time: 2014-02-27 13:12:45
MD5: 70FD75E20A8DD6E44DE2DA86C5D834E1
SHA1: E8A978E3D63DA5F88FDFA9E5B06414D331E2FFC9


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0003.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2203
Created time: 2014-03-06 23:03:22
Modified time: 2014-03-06 23:03:22
MD5: F52B4C519F722F4967C8FE60288E2C9A
SHA1: D7F4F719C9ABA13D8478E00C590F8B98F110C999


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0004.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1836
Created time: 2014-03-06 23:39:14
Modified time: 2014-03-06 23:39:14
MD5: 1108D6E224FCA4D734C304F53B01A944
SHA1: 0A3FE9B84AFBA787259D69A54D16D75504E3A99F


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0005.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2908
Created time: 2014-04-18 13:47:20
Modified time: 2014-04-18 13:47:20
MD5: 082B22F4ACB758B5A569B8DD813AEAFB
SHA1: 4C908557F1A4DC68050CE0503F850A63A0938D0C


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0006.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2713
Created time: 2014-05-01 13:26:59
Modified time: 2014-05-01 13:26:59
MD5: 7D5BDBB15C08998E2244C7DD42E73788
SHA1: 23410728A70E1A7A6D4727591D470E361F4E014A


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0007.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2979
Created time: 2014-05-10 15:17:34
Modified time: 2014-05-10 15:17:34
MD5: EE5C261C03DAA971E41BF29EDF71FCF4
SHA1: 8D4EDFE4B8045628396F37A917CB5C3EC663B5A3


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0008.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2567
Created time: 2014-05-13 05:42:30
Modified time: 2014-05-13 05:42:30
MD5: 0D741CC3322ACA13216D218CAD3BBD67
SHA1: C8AC5341F38825CDD9A93D2C90B3C47210630980


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0009.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3351
Created time: 2014-05-17 13:02:59
Modified time: 2014-05-17 13:02:59
MD5: E4BB46482C7F9C1DA092A230713BD535
SHA1: F6E5842EFCB942836842F052965548735F2ABBF6


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0010.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1874
Created time: 2014-06-24 23:23:15
Modified time: 2014-06-24 23:23:15
MD5: 85C97C288B46B4CA6E5A68CEA308D90B
SHA1: 46DC7FDECBF83A5EBEBAB54DD629FF7F1612CE8A


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0011.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1989
Created time: 2014-06-26 12:56:02
Modified time: 2014-06-26 12:56:02
MD5: FF4E5C96DDFA1FA2F0D53D3522C038F2
SHA1: FA26C826C9D8B68831626533883C610B99DB7ABC


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0012.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2512
Created time: 2014-07-14 20:34:19
Modified time: 2014-07-14 20:34:19
MD5: 733984D3FF2755E6DCF7054342A52B57
SHA1: 0A0533140F2C273120BA62A41F6E58D0CFBF89B3


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0013.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1945
Created time: 2014-07-24 00:06:55
Modified time: 2014-07-24 00:06:55
MD5: 8C2A6350DDA5EFF956290D3E67B86201
SHA1: DDD4C46C3537625A0442B817D6635D5EBEC9395D


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0014.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1958
Created time: 2014-08-01 14:14:14
Modified time: 2014-08-01 14:14:14
MD5: F841B5CEF3F7AD38845845590558923D
SHA1: 478389B2E361FED096D2CEADC359B2908F37AB49


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0015.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2396
Created time: 2014-08-07 17:50:39
Modified time: 2014-08-07 17:50:39
MD5: FFC4A2181669312F35DB63F1B73AF3E5
SHA1: 7B6336F929679FCECC53F70133E309D169AFE199


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0016.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2462
Created time: 2014-08-21 13:09:08
Modified time: 2014-08-21 13:09:08
MD5: 02CE2BB23F8D0D6169A4BE978750EA4B
SHA1: B1D044A84D3DDED3FFE3DE69A464CCA6B411A9C4


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0017.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2464
Created time: 2014-09-24 23:46:22
Modified time: 2014-09-24 23:46:23
MD5: C33AE9C8088F8063B4B152873C970957
SHA1: E968E242F939571521FBDD2FB2FE1C7D8A698DED


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0018.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2041
Created time: 2014-10-30 17:01:39
Modified time: 2014-10-30 17:01:39
MD5: 03A6DEC0F8F631FF396B9E844C54B979
SHA1: 9F9B9920315571366EFAF367BE42CD5454702920


--- C:\ProgramData\Spybot - Search & Destroy\Quarantine\BaiduBar-0019.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2438
Created time: 2014-11-16 15:27:03
Modified time: 2014-11-16 15:27:04
MD5: 16F2E4098ACF143F9DB8708710856B54
SHA1: 61AB67415673B62DC6A3A98FD6A792F88AF3A02D


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\Baidu.Hao123-0000.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1923
Created time: 2014-06-26 12:56:02
Modified time: 2014-06-26 12:56:02
MD5: 77266CA91F3C11E9D4533316C92CCE4D
SHA1: 6918896714BB7D63996D6D0A4C5D455BB8285CEE


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0000.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2580
Created time: 2013-12-29 14:32:40
Modified time: 2013-12-29 14:32:40
MD5: 2D3A5D4CDB63135DCE579A4C10627F8F
SHA1: 5F27BBB6CD0DDC39456F904CD819B5932B60CDAC


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0001.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2303
Created time: 2014-02-19 19:37:31
Modified time: 2014-02-19 19:37:31
MD5: 05BCD16A56216F3E482E36BBBF1B70CF
SHA1: FF4BE0C6FD47EB323C4221605CF283356A6695F3


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0002.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2355
Created time: 2014-02-27 13:12:45
Modified time: 2014-02-27 13:12:45
MD5: 70FD75E20A8DD6E44DE2DA86C5D834E1
SHA1: E8A978E3D63DA5F88FDFA9E5B06414D331E2FFC9


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0003.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2203
Created time: 2014-03-06 23:03:22
Modified time: 2014-03-06 23:03:22
MD5: F52B4C519F722F4967C8FE60288E2C9A
SHA1: D7F4F719C9ABA13D8478E00C590F8B98F110C999


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0004.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1836
Created time: 2014-03-06 23:39:14
Modified time: 2014-03-06 23:39:14
MD5: 1108D6E224FCA4D734C304F53B01A944
SHA1: 0A3FE9B84AFBA787259D69A54D16D75504E3A99F


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0005.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2908
Created time: 2014-04-18 13:47:20
Modified time: 2014-04-18 13:47:20
MD5: 082B22F4ACB758B5A569B8DD813AEAFB
SHA1: 4C908557F1A4DC68050CE0503F850A63A0938D0C


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0006.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2713
Created time: 2014-05-01 13:26:59
Modified time: 2014-05-01 13:26:59
MD5: 7D5BDBB15C08998E2244C7DD42E73788
SHA1: 23410728A70E1A7A6D4727591D470E361F4E014A


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0007.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2979
Created time: 2014-05-10 15:17:34
Modified time: 2014-05-10 15:17:34
MD5: EE5C261C03DAA971E41BF29EDF71FCF4
SHA1: 8D4EDFE4B8045628396F37A917CB5C3EC663B5A3


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0008.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2567
Created time: 2014-05-13 05:42:30
Modified time: 2014-05-13 05:42:30
MD5: 0D741CC3322ACA13216D218CAD3BBD67
SHA1: C8AC5341F38825CDD9A93D2C90B3C47210630980


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0009.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3351
Created time: 2014-05-17 13:02:59
Modified time: 2014-05-17 13:02:59
MD5: E4BB46482C7F9C1DA092A230713BD535
SHA1: F6E5842EFCB942836842F052965548735F2ABBF6


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0010.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1874
Created time: 2014-06-24 23:23:15
Modified time: 2014-06-24 23:23:15
MD5: 85C97C288B46B4CA6E5A68CEA308D90B
SHA1: 46DC7FDECBF83A5EBEBAB54DD629FF7F1612CE8A


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0011.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1989
Created time: 2014-06-26 12:56:02
Modified time: 2014-06-26 12:56:02
MD5: FF4E5C96DDFA1FA2F0D53D3522C038F2
SHA1: FA26C826C9D8B68831626533883C610B99DB7ABC


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0012.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2512
Created time: 2014-07-14 20:34:19
Modified time: 2014-07-14 20:34:19
MD5: 733984D3FF2755E6DCF7054342A52B57
SHA1: 0A0533140F2C273120BA62A41F6E58D0CFBF89B3


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0013.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1945
Created time: 2014-07-24 00:06:55
Modified time: 2014-07-24 00:06:55
MD5: 8C2A6350DDA5EFF956290D3E67B86201
SHA1: DDD4C46C3537625A0442B817D6635D5EBEC9395D


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0014.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1958
Created time: 2014-08-01 14:14:14
Modified time: 2014-08-01 14:14:14
MD5: F841B5CEF3F7AD38845845590558923D
SHA1: 478389B2E361FED096D2CEADC359B2908F37AB49


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0015.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2396
Created time: 2014-08-07 17:50:39
Modified time: 2014-08-07 17:50:39
MD5: FFC4A2181669312F35DB63F1B73AF3E5
SHA1: 7B6336F929679FCECC53F70133E309D169AFE199


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0016.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2462
Created time: 2014-08-21 13:09:08
Modified time: 2014-08-21 13:09:08
MD5: 02CE2BB23F8D0D6169A4BE978750EA4B
SHA1: B1D044A84D3DDED3FFE3DE69A464CCA6B411A9C4


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0017.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2464
Created time: 2014-09-24 23:46:22
Modified time: 2014-09-24 23:46:23
MD5: C33AE9C8088F8063B4B152873C970957
SHA1: E968E242F939571521FBDD2FB2FE1C7D8A698DED


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0018.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2041
Created time: 2014-10-30 17:01:39
Modified time: 2014-10-30 17:01:39
MD5: 03A6DEC0F8F631FF396B9E844C54B979
SHA1: 9F9B9920315571366EFAF367BE42CD5454702920


--- C:\Users\All Users\Spybot - Search & Destroy\Quarantine\BaiduBar-0019.zip ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 2438
Created time: 2014-11-16 15:27:03
Modified time: 2014-11-16 15:27:04
MD5: 16F2E4098ACF143F9DB8708710856B54
SHA1: 61AB67415673B62DC6A3A98FD6A792F88AF3A02D


==== Registry Search Results for "Baidu" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]

[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\Spark]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\DuplicateRecord]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\LogLoc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\MoboMarket]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\MoboMarket\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\MoboMarket\Temp]

"C:\\ProgramData\\Baidu Security\\MoboMarket\\RpData\\rpFile-bas_helper-2014-12-04 12-20-20-0113-[0041].tmp"="http://sync.security.baidu.co.th/cgi-bin-py/get_mobile_statistic_info.cgi"

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Processing]

[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu_Drp_pos\DRP\Temp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared\HTML]
"KnownIDs"="htmlfile;Opera.HTML;BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-]
"Baidu Bsr"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavAdvTools\\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\\tool\\BsrSvc.exe\" -run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Android Store 1.2.8.3611]
"DisplayIcon"="C:\\Program Files (x86)\\Baidu Security\\MoboMarket\\1.2.8.3611\\AndroidStore.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Android Store 1.2.8.3611]
"UninstallString"="C:\\Program Files (x86)\\Baidu Security\\MoboMarket\\1.2.8.3611\\Uninstall.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Android Store 1.2.8.3611]
"Publisher"="Baidu, Inc."

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Android Store 1.2.8.3611]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\MoboMarket\\1.2.8.3611"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
@="C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Spark.exe]
"Path"="C:\\Program Files (x86)\\baidu\\Spark"

[HKEY_LOCAL_MACHINE\SOFTWARE\Opera Software]
"Previous Default Browser"="\"C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\Spark.exe\" -- \"%1\""

[HKEY_LOCAL_MACHINE\SOFTWARE\TuneUp\Utilities\ProgramDeactivator]
"ProgManReDeactivateTUID0"="M32:BAIDU PC FASTER 4.0.0.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\DefaultIcon]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bav\shell\open\command]
@="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\" UI_Start_From_IE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\BaiduSparkHTML]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\BaiduSparkHTML\DefaultIcon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\BaiduSparkHTML\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 13:33

em 3 partes.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\.htm]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\.html]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\.shtml]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\.xht]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\.xhtml]
@="BaiduSparkHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\BaiduSparkHTML]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\BaiduSparkHTML\DefaultIcon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\BaiduSparkHTML\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\resource\\application\\Image\\baidubrowserfile.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet]
@="BaiduSpark.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Spark\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Spark\shell\open\command]
@="\"C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe\""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_3.15.8.4011}]
"DisplayName"="Baidu PC App Store Service 3.15.8.4011"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCAppStoreSvc_{PCAppStore_3.15.8.4011}]
"Description"="Baidu PC App Store Service 3.15.8.4011"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"DisplayName"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCFasterSvc_{PCFaster_4.0.0.0}]
"Description"="Baidu PC Faster Service 4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BASSVC]
"DisplayName"="Baidu MoboMarket Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BASSVC]
"Description"="Baidu MoboMarket Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{E8B39BA1-6520-473E-8E84-F9A1D5F72D9F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{2047E618-1926-40CF-81EE-6FD6EDF641A8}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{4927ACBC-D456-469D-817D-7FFDEBD09581}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{D300D931-B6C2-4697-AABD-CF1A806AD32B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"TCP Query User{C33B9583-738B-41DE-8BDB-58FA4B38BAE2}C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe|Name=bdtray|Desc=bdtray|Defer=User|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"UDP Query User{B9B7FFAA-A96D-47A2-ABEF-D89EC70610A7}C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe|Name=bdtray|Desc=bdtray|Defer=User|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{126ABF50-D905-40A0-8F0B-C0732EDFA980}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{49E13D7A-02E5-48F6-9FBD-C7A71B196635}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{58AAF6F0-E6A4-47A5-9478-0AC6987CC826}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{01BF725A-B1B5-4FA5-AD65-E42866E47A30}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{0545A6F5-BA66-4141-ABDC-55735AE65A03}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\WifiHotspot.exe|Name=Baidu WiFi HotSpot|Desc=Baidu WiFi HotSpot|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SparkSvc]
"DisplayName"="Baidu Spark Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SparkSvc]
"Description"="Baidu Spark Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SparkUpdater]
"DisplayName"="Baidu Spark Updater"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\BASSVC]
"DisplayName"="Baidu MoboMarket Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\BASSVC]
"Description"="Baidu MoboMarket Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{E8B39BA1-6520-473E-8E84-F9A1D5F72D9F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{2047E618-1926-40CF-81EE-6FD6EDF641A8}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{4927ACBC-D456-469D-817D-7FFDEBD09581}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{D300D931-B6C2-4697-AABD-CF1A806AD32B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"TCP Query User{C33B9583-738B-41DE-8BDB-58FA4B38BAE2}C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe|Name=bdtray|Desc=bdtray|Defer=User|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"UDP Query User{B9B7FFAA-A96D-47A2-ABEF-D89EC70610A7}C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe|Name=bdtray|Desc=bdtray|Defer=User|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{126ABF50-D905-40A0-8F0B-C0732EDFA980}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{49E13D7A-02E5-48F6-9FBD-C7A71B196635}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{58AAF6F0-E6A4-47A5-9478-0AC6987CC826}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{01BF725A-B1B5-4FA5-AD65-E42866E47A30}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{0545A6F5-BA66-4141-ABDC-55735AE65A03}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\WifiHotspot.exe|Name=Baidu WiFi HotSpot|Desc=Baidu WiFi HotSpot|"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SparkSvc]
"DisplayName"="Baidu Spark Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SparkSvc]
"Description"="Baidu Spark Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\services\SparkUpdater]
"DisplayName"="Baidu Spark Updater"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BNDEF\0000]
"DeviceDesc"="Baidu NetDefense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECTEX\0000]
"DeviceDesc"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BASSVC]
"DisplayName"="Baidu MoboMarket Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BASSVC]
"Description"="Baidu MoboMarket Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"DisplayName"="Baidu ProtectEx"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BprotectEx]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PCFApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFApiUtil64.sys"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{E8B39BA1-6520-473E-8E84-F9A1D5F72D9F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{2047E618-1926-40CF-81EE-6FD6EDF641A8}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{4927ACBC-D456-469D-817D-7FFDEBD09581}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{D300D931-B6C2-4697-AABD-CF1A806AD32B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"TCP Query User{C33B9583-738B-41DE-8BDB-58FA4B38BAE2}C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe|Name=bdtray|Desc=bdtray|Defer=User|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"UDP Query User{B9B7FFAA-A96D-47A2-ABEF-D89EC70610A7}C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\\program files (x86)\\baidu\\spark26.5.9999.3285\\bdtray.exe|Name=bdtray|Desc=bdtray|Defer=User|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{126ABF50-D905-40A0-8F0B-C0732EDFA980}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{49E13D7A-02E5-48F6-9FBD-C7A71B196635}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{58AAF6F0-E6A4-47A5-9478-0AC6987CC826}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{01BF725A-B1B5-4FA5-AD65-E42866E47A30}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\\Program Files (x86)\\baidu\\Spark\\bdtray.exe|Name=Spark|"

"NETDIS-UPnPHost-In-TCP-Active"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=Descoberta de Rede (UPnP-Entrada)|Desc=Regra de entrada de Descoberta de Rede para permitir o uso de Universal Plug and Play. [TCP 2869]|EmbedCtxt=@FirewallAPI.dll,-32752|"
"{0545A6F5-BA66-4141-ABDC-55735AE65A03}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\WifiHotspot.exe|Name=Baidu WiFi HotSpot|Desc=Baidu WiFi HotSpot|"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SparkSvc]
"DisplayName"="Baidu Spark Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SparkSvc]
"Description"="Baidu Spark Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SparkUpdater]
"DisplayName"="Baidu Spark Updater"

[HKEY_USERS\.DEFAULT\Software\Baidu]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\list]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\list\4.0.1.53841]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\list\4.0.1.53841\9134E30D3A534D1188C107EE9F317605]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log]

[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Pcf\log\Updater.exe]

[HKEY_USERS\.DEFAULT\Software\Baidu Security]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Application Bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Application Bug\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Application Bug\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Application Bug\bug\driver\120714-49686-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\Application Bug\bug\driver\MEMORY_130624331841872346.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\4.0.0.0\Install\1955971]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\4.0.0.0\Install\1955971]
"url"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_channel_info.cgi?install_channel=BAV|gl|upgrade|Bundle&version=4.0.5.70512&errorcode=0&errortext=&userid=577485d91a9d424f7dc712dd2db5e9bc&old_userid=Y0Q3D1SK-1C75087E7A2C!a82b1d75-f596-4e14-93df-244245fd470e@#1C75087E7A2C&install_time=2014-06-13 13:11:09&cost_time=26&file_created_time=2014-06-13 13:10:33"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\4.0.0.0\Install\1956018]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\4.0.0.0\Install\1956018]
"url"="http://sync.security.baidu.co.th/cgi-bin-py/get_channel_info.cgi?install_channel=BAV|gl|upgrade|Bundle&version=4.0.5.70512&errorcode=0&errortext=&userid=577485d91a9d424f7dc712dd2db5e9bc&old_userid=Y0Q3D1SK-1C75087E7A2C!a82b1d75-f596-4e14-93df-244245fd470e@#1C75087E7A2C&install_time=2014-06-13 13:11:09&cost_time=26&file_created_time=2014-06-13 13:10:33"

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\022014-84755-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\022514-36114-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\022514-61916-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\022714-72836-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\123013-63820-01.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\bug\driver\MEMORY_130378026310440203.dmp]

[HKEY_USERS\.DEFAULT\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\\Users\\Sergio\\AppData\\Local\\Temp\\Baidu_Secure_SystemUp_4.0.5.70512.exe"=dword:00000001

[HKEY_USERS\.DEFAULT\Software\Safer Networking Limited\Localization]
"C:\\Program Files (x86)\\baidu\\Spark\\"=""

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.10.1000.137]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.10.1000.137\83279687D28041969319F90D516FC2D6]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066\9D687F1778973C0A41C7D71F8F2AB578]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066\9D687F1778973C0A41C7D71F8F2AB578\baiduspark_[2014-9-4_15_5_34].dmp]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066\9D687F1778973C0A41C7D71F8F2AB578\baiduspark_[2014-9-4_15_5_34].dmp]
"product"="baiduspark"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066\9D687F1778973C0A41C7D71F8F2AB578\baiduspark_[2014-9-5_16_44_48].dmp]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066\9D687F1778973C0A41C7D71F8F2AB578\baiduspark_[2014-9-5_16_44_48].dmp]
"product"="baiduspark"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066\E07B8D56271192D79BE1A7264579DE2B]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066\E07B8D56271192D79BE1A7264579DE2B\baiduspark_[2014-9-17_16_48_27].dmp]
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 13:43

Anexo Relatório Zoe

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.8.9999.6066\E07B8D56271192D79BE1A7264579DE2B\baiduspark_[2014-9-17_16_48_27].dmp]
"product"="baiduspark"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.9.1000.57]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.9.1000.57\2A50D6B2FC77B1F36FF00193E1625A7D]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.9.1000.57\643AFC45880CFD05B9ADC06E6BD8A10F]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\list\33.9.1000.57\7670CA0009D0219F27D7A3253A04D5C8]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\log]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\log\bdtray]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\log\main]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Application Bug\baiduspark\log\render]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\BDLOG]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\BDLOG\baidubrowser]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\BDLOG\BaiduSpark]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Hao123-br]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Hao123-br\hao123desk]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark]
"NextRunDirectSetBaiduBrowser"="0"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\HotToday]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\RC]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\SysData]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\SysData\CurrentTabs_V2]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\SysData\CurrentTabs_V2]
"l_1_c_3_f_1_"="{\"TabIndex\":\"1\",\"accesstime\":\"1418473970\",\"LogicCreatedTime\":\"1418473730\",\"url\":\"http://www.baidu.com.br/s?ie=utf-8&tn=GSE_90v70_qwjeg0fh&wd=baixar%20e%20instalar%20driver%20BAPIDRV\",\"Title\":\"baixar e instalar driver BAPIDRV_Baidu Search\",\"FavIconURL\":\"http://s1.f.shifen.com/r/www/cache/i18n/pt-BR/video/ico/Baidu/favicon.ico\",\"Historyid\":\"30618a9bcdcc9147be525252578b7365\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\SysData\UrllistMetaInfo]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\SysData\UrllistMetaInfo_v2]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\SysData\UserInfoRegister]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\SysData\UserInfoStorage]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\SysData\UserInfoStorage2]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\updateinfo]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ClosedItemRegister]

"b2833abae753444ca9c49fb171506e0d"="id:b2833abae753444ca9c49fb171506e0d,url:http://www.windowprt.com/bbs/board.php?bo_table=windowfin&wr_id=315377,title:[BAPIDRV64.sys] processo, o que é isso? (C)360.cn Inc.All Rights Reserved. ID:0315377,accesstime:1418474864,faviconurl:http://www.windowprt.com/favicon.ico,"
"9c272e263dc11246af60cb51f4a06c9e"="id:9c272e263dc11246af60cb51f4a06c9e,url:http://www.baidu.com.br/s?ie=utf-8&tn=GSE_90v70_qwjeg0fh&wd=baixar%20e%20instalar%20driver%20BAPIDRV,title:baixar e instalar driver BAPIDRV_Baidu Search,accesstime:1418487457,faviconurl:http://s1.f.shifen.com/r/www/cache/i18n/pt-BR/video/ico/Baidu/favicon.ico,"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]
"359dc4b5c52105ae769b9aa589938dd2"="{\"path\":\"C:\\\\Users\\\\Sergio\\\\AppData\\\\Roaming\\\\baidu\\\\Spark\\\\UserData\\\\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\\\\ThumbnailFiles\\\\359dc4b5c52105ae769b9aa589938dd2.png\",\"lastupdate\":\"1414619347\",\"thumbnailscore\":\"100\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]
"fcab66a56221380c32b65a79fa87280b"="{\"path\":\"C:\\\\Users\\\\Sergio\\\\AppData\\\\Roaming\\\\baidu\\\\Spark\\\\UserData\\\\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\\\\ThumbnailFiles\\\\fcab66a56221380c32b65a79fa87280b.png\",\"lastupdate\":\"1418043930\",\"thumbnailscore\":\"100\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]
"f97a6e50fde586a41a8aa2ba6d596e42"="{\"path\":\"C:\\\\Users\\\\Sergio\\\\AppData\\\\Roaming\\\\baidu\\\\Spark\\\\UserData\\\\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\\\\ThumbnailFiles\\\\f97a6e50fde586a41a8aa2ba6d596e42.png\",\"lastupdate\":\"1418518562\",\"thumbnailscore\":\"100\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]
"0b452edfc4ff2ce9a573ee7abb25ae09"="{\"path\":\"C:\\\\Users\\\\Sergio\\\\AppData\\\\Roaming\\\\baidu\\\\Spark\\\\UserData\\\\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\\\\ThumbnailFiles\\\\0b452edfc4ff2ce9a573ee7abb25ae09.png\",\"lastupdate\":\"1418388179\",\"thumbnailscore\":\"100\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]
"077df9976049235911bcfc25d65d9c79"="{\"path\":\"C:\\\\Users\\\\Sergio\\\\AppData\\\\Roaming\\\\baidu\\\\Spark\\\\UserData\\\\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\\\\ThumbnailFiles\\\\077df9976049235911bcfc25d65d9c79.png\",\"lastupdate\":\"1417777312\",\"thumbnailscore\":\"100\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]
"4d3f7a46c62c127354e08dab02b8b4de"="{\"path\":\"C:\\\\Users\\\\Sergio\\\\AppData\\\\Roaming\\\\baidu\\\\Spark\\\\UserData\\\\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\\\\ThumbnailFiles\\\\4d3f7a46c62c127354e08dab02b8b4de.png\",\"lastupdate\":\"1418389360\",\"thumbnailscore\":\"100\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]
"dd54be88129162fb2833691868ffea37"="{\"path\":\"C:\\\\Users\\\\Sergio\\\\AppData\\\\Roaming\\\\baidu\\\\Spark\\\\UserData\\\\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\\\\ThumbnailFiles\\\\dd54be88129162fb2833691868ffea37.png\",\"lastupdate\":\"1418479351\",\"thumbnailscore\":\"100\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\ThumbnailMgr_V2]
"a02d5100d32370ef0cb076540dd27a18"="{\"path\":\"C:\\\\Users\\\\Sergio\\\\AppData\\\\Roaming\\\\baidu\\\\Spark\\\\UserData\\\\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\\\\ThumbnailFiles\\\\a02d5100d32370ef0cb076540dd27a18.png\",\"lastupdate\":\"1418519276\",\"thumbnailscore\":\"100\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\Topsites_V2]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\baidu\Spark\UserData\0A73B7929C9546628F097CEEACA6E079530065007200670069006f00\Topsites_V2]
"077df9976049235911bcfc25d65d9c79"="{\"GUID\":\"9093b473f81ceb4a8484e003a2e0f705\",\"URL\":\"http://www.baidu.com.br/s?ie=utf-8&tn=GSE_4if9k_9yb4uvwu&wd=N%C3%BAmero%20Smiles%3A\",\"Thumbnail\":\"\",\"Title\":\"Número Smiles:_Baidu Search\",\"FavIcon\":\"http:\\/\\/s1.f.shifen.com\\/r\\/www\\/cache\\/i18n\\/pt-BR\\/video\\/ico\\/Baidu\\/favicon.ico\",\"Attribute\":\"unknown\"}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\Android Store]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\Android Store\1.2.8.3611]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\Android Store\1.2.8.3611\Install]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\Android Store\1.2.8.3611\Install\1226869]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\Android Store\1.2.8.3611\Install\1226869]
"url"="http://sync.security.baidu.co.th/cgi-bin-py-appstore/get_channel_info_mobile.cgi?install_channel=web|th|official|direct&version=1.2.8.3611&errorcode=0&errortext=&userid=577485d91a9d424f7dc712dd2db5e9bc&install_time=2014-11-08 10:37:17"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\Android Store\1.2.8.3611\UUReport]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\Android Store\Setup]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\PC App Store]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\PC App Store\DataReport]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\PC App Store\Setup]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Clients\StartmenuInternet\BaiduSpark]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Clients\StartmenuInternet\BaiduSpark\Capabilities]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Clients\StartmenuInternet\BaiduSpark\Capabilities\UrlAssociations]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Clients\StartmenuInternet\BaiduSpark\Capabilities\UrlAssociations]
"magnet"="BaiduSpark.Url.magnet"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Clients\StartmenuInternet\Spark\Capabilities\URLAssociations]
"magnet"="BaiduSpark.Url.magnet"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Clients\StartmenuInternet\Spark\DefaultIcon]
@="C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe,0"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Clients\StartmenuInternet\Spark\shell\open\command]
@="C:\\Program Files (x86)\\baidu\\Spark\\Spark.exe"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\22ccb40d_0]
@="{0.0.0.00000000}.{bf9c3e63-4105-44c4-ac4c-a1ef2f2ca561}|\\Device\\HarddiskVolume2\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\spark.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6bef7d90_0]
@="{0.0.0.00000000}.{bf9c3e63-4105-44c4-ac4c-a1ef2f2ca561}|\\Device\\HarddiskVolume2\\Program Files (x86)\\baidu\\Spark\\spark.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\81fcfbf8_0]
@="{0.0.0.00000000}.{74b0a056-9d38-42e5-82d5-7549d10ee9ab}|\\Device\\HarddiskVolume2\\Program Files (x86)\\Baidu Security\\PC Faster\\4.0.0.0\\PCFaster.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8babd70_0]
@="{0.0.0.00000000}.{bf9c3e63-4105-44c4-ac4c-a1ef2f2ca561}|\\Device\\HarddiskVolume2\\Program Files (x86)\\baidu\\Spark\\Spark.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a59d5a28_0]
@="{0.0.0.00000000}.{74b0a056-9d38-42e5-82d5-7549d10ee9ab}|\\Device\\HarddiskVolume2\\Program Files (x86)\\baidu\\Spark\\spark.exe%b{00000000-0000-0000-0000-000000000000}"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids]
"BaiduSparkHTML"=hex(0):

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids]
"BaiduSparkHTML"=hex(0):

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml]
"Progid"="BaiduSparkHTML"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithProgids]
"baiduspark.Torrent"=hex(0):

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Opera Software]
"Previous Default Browser"="\"C:\\Program Files (x86)\\baidu\\Spark26.5.9999.3285\\Spark.exe\" -- \"%1\""

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\RegisteredApplications]
"BaiduSpark"="Software\\Clients\\StartMenuInternet\\Spark\\Capabilities"

[HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Safer Networking Limited\Localization]
"C:\\Program Files (x86)\\baidu\\Spark\\"=""

[HKEY_USERS\S-1-5-18\Software\Baidu]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\list]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\list\4.0.1.53841]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\list\4.0.1.53841\9134E30D3A534D1188C107EE9F317605]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log]

[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Pcf\log\Updater.exe]

[HKEY_USERS\S-1-5-18\Software\Baidu Security]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Application Bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Application Bug\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Application Bug\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Application Bug\bug\driver\120714-49686-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\Application Bug\bug\driver\MEMORY_130624331841872346.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\4.0.0.0]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\4.0.0.0\Install]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\4.0.0.0\Install\1955971]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\4.0.0.0\Install\1955971]
"url"="http://sync.pcfaster.baidu.com/cgi-bin-py/get_channel_info.cgi?install_channel=BAV|gl|upgrade|Bundle&version=4.0.5.70512&errorcode=0&errortext=&userid=577485d91a9d424f7dc712dd2db5e9bc&old_userid=Y0Q3D1SK-1C75087E7A2C!a82b1d75-f596-4e14-93df-244245fd470e@#1C75087E7A2C&install_time=2014-06-13 13:11:09&cost_time=26&file_created_time=2014-06-13 13:10:33"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\4.0.0.0\Install\1956018]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\4.0.0.0\Install\1956018]
"url"="http://sync.security.baidu.co.th/cgi-bin-py/get_channel_info.cgi?install_channel=BAV|gl|upgrade|Bundle&version=4.0.5.70512&errorcode=0&errortext=&userid=577485d91a9d424f7dc712dd2db5e9bc&old_userid=Y0Q3D1SK-1C75087E7A2C!a82b1d75-f596-4e14-93df-244245fd470e@#1C75087E7A2C&install_time=2014-06-13 13:11:09&cost_time=26&file_created_time=2014-06-13 13:10:33"

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\022014-84755-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\022514-36114-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\022514-61916-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\022714-72836-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\123013-63820-01.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\bug\driver\MEMORY_130378026310440203.dmp]

[HKEY_USERS\S-1-5-18\Software\Baidu Security\PC Faster\Setup]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\baiduqqsina.cn\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\\Users\\Sergio\\AppData\\Local\\Temp\\Baidu_Secure_SystemUp_4.0.5.70512.exe"=dword:00000001

[HKEY_USERS\S-1-5-18\Software\Safer Networking Limited\Localization]
"C:\\Program Files (x86)\\baidu\\Spark\\"=""

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25/11/2013 15:28]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25/11/2013 15:28]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\iobitascsurfingprotection@iobit.com

ExtDir: C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Torch deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Torch deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Sergio\AppData\Local\Torch deleted
Fake profile C:\Users\Sergio\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Sergio\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaajabnoiehionljhjpclogplgillib - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/10/2013 11:59]
pjaookfpeipnpdmmaofdmeaakjkpjpfh - No path found[]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://br.hao123.com/?tn=sdkb_inner_hp_02_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://www.google.com"
"Start Page"="http://br.hao123.com/?tn=fa_pro_hp_01_hao123_br"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Bar"="http://www.google.com"
"Start Page"="http://br.hao123.com/?tn=fa_pro_hp_01_hao123_br"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"=""
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"=""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{33F92111-31BF-4EA5-AE51-9AC888893722} Unknown Url="Not_Found"
{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33F92111-31BF-4EA5-AE51-9AC888893722} deleted successfully
HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwsetup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mediacontroller.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pcdiag.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smoothview.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tacsprop.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\teco.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfcconf.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfcrst.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tintouch.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tosssdalert.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trmclcher.exe deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Memory Improve Master deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSUAMain deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaAppPlace deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1333WMUJ will be deleted at reboot
C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ECCU0XR1 will be deleted at reboot
C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EGUHU6JY will be deleted at reboot
C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MYY2JX4P will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Sergio\AppData\Local\Spark\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1471 folders=496 1251686452 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sergio\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Sergio\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1333WMUJ" not found
"C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ECCU0XR1" not found
"C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EGUHU6JY" not found
"C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\MYY2JX4P" not found

==== EOF on 14/12/2014 at 13:04:44,52 ======================
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por joram Dom 14 Dez 2014, 14:32

Boa Tarde! binalima

> Bastava disponibilizar o relatório da Zoek em Cjoint.com,para o resumo do Post.

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... par Xplode )
>
> Ou daqui: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!

< [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ps: Dê início ao scan,clicando em "Examinar". 

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt > 

A+
joram
joram
Administrador
Administrador

Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 18:34

Em partes..

# AdwCleaner v3.019 - Relatório criado 17/02/2014 às 17:58:56
# Atualizado 17/02/2014 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Sergio - SERGIO-PC
# Executando de : C:\Users\Sergio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CLHJ8A0A\adwcleaner.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****

Pasta Deletada : C:\ProgramData\apn
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\WinterSoft
Pasta Deletada : C:\ProgramData\Yandex
Pasta Deletada : C:\Program Files (x86)\baidu
[x] Não Deletada : C:\Program Files (x86)\Claro
Pasta Deletada : C:\Program Files (x86)\Mobogenie
Pasta Deletada : C:\Program Files (x86)\ss helper
Pasta Deletada : C:\Program Files (x86)\TornTV.com
Pasta Deletada : C:\Users\Sergio\AppData\Local\cool_mirage
Pasta Deletada : C:\Users\Sergio\AppData\Local\genienext
Pasta Deletada : C:\Users\Sergio\AppData\Local\lollipop
Pasta Deletada : C:\Users\Sergio\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\Sergio\AppData\Local\Softonic
Pasta Deletada : C:\Users\Sergio\AppData\Local\Yandex
Pasta Deletada : C:\Users\Sergio\AppData\LocalLow\SimplyTech
Pasta Deletada : C:\Users\Sergio\AppData\LocalLow\Yandex
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\baidu
[x] Não Deletada : C:\Users\Sergio\AppData\Roaming\Claro
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\iSafe
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\Systweak
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\Yandex
Pasta Deletada : C:\Users\Sergio\Documents\Mobogenie
Pasta Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Arquivo Deletada : C:\windows\System32\roboot64.exe
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\Mysearchdial.xml
Arquivo Deletada : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Arquivo Deletada : C:\Users\Sergio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage

***** [ Atalhos ] *****
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 18:35

***** [ Atalhos ] *****

Atalho Desinfectada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
Atalho Desinfectada : C:\Users\Sergio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Atalho Desinfectada : C:\Users\Sergio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera12.15 1748.lnk

***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_bs-player_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_bs-player_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_utorrent_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Chave Deletedo : HKCU\Software\AVG Nation toolbar
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\Headlight
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\powerpack
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\systweak
Chave Deletedo : HKCU\Software\AppDataLow\Software\SmartBar
Chave Deletedo : HKLM\Software\AVG Nation toolbar
Chave Deletedo : HKLM\Software\AVG Security Toolbar
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\SProtector
Chave Deletedo : HKLM\Software\systweak
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 18:36

***** [ Navegadores ] *****

-\\ Internet Explorer v11.0.9600.16428

Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

[ Arquivo : C:\Users\Sergio\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

Linha deletada : user_pref("browser.search.defaultenginename", "Mysearchdial");

*************************

AdwCleaner[R0].txt - [18045 octets] - [17/02/2014 17:57:33]
AdwCleaner[S0].txt - [16054 octets] - [17/02/2014 17:58:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16115 octets] ##########
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por joram Dom 14 Dez 2014, 20:11

Boa Noite! binalima

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Oleg N. Scherbakov )

> Salve-o no desktop!
> Desabilite seu antivírus!
> Para Windows 7,clique direito em JRT.exe e execute-o ... 

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

> Aguarde a conclusão e poste o relatório. ( JRT.txt )

A+
joram
joram
Administrador
Administrador

Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 22:44

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sergio on 14/12/2014 at 22:36:14,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update jump flip



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\baidu security"
Successfully deleted: [Folder] "C:\Users\Sergio\AppData\Roaming\baidu security"
Successfully deleted: [Folder] "C:\Program Files (x86)\baidu security"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/12/2014 at 22:39:29,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por joram Dom 14 Dez 2014, 22:51

Boa Noite! binalima

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )

> No banner àcima,é para sistemas 32bits!

< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Yes" >> "Scan".

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Antes de clicar "Scan",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Optional Scan",deixe marcada a checkbox "Addition.txt".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)

> Como o log será extenso,envie-o à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Ou clique "Copier le lien (*)" e cole o link ao seu Post.

A+
joram
joram
Administrador
Administrador

Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 23:09

em partes...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Sergio (administrator) on SERGIO-PC on 14-12-2014 22:59:43
Running from C:\Users\Sergio\Desktop
Loaded Profile: Sergio (Available profiles: Sergio)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adblock) C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {197d8b67-b83e-11e3-ad24-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {1980275b-b848-11e3-8e8d-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {286a0033-b840-11e3-8429-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {2fa6043c-b610-11e3-816b-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {48f0cd64-16e7-11e3-894d-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {48f0cd73-16e7-11e3-894d-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {6382ee29-b60a-11e3-b40a-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {6b829983-4b87-11e3-a2ca-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {766c97df-b5ae-11e3-9333-1c75087e7a2c} - E:\AutoRun.exe
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 23:10

HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {766c97df-b5ae-11e3-9333-1c75087e7a2c} - E:\AutoRun.exe
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitSmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
SearchScopes: HKLM-x32 -> {5B959B0C-54D4-4D38-829C-CAE6EDEEBF0C} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4064657657-4253216823-4133322302-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1586744 2014-05-05] (Banco Itaú Unibanco)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 189.7.8.34 189.7.8.39 201.6.4.116
Tcpip\..\Interfaces\{A4A98000-5D54-4764-AF70-9E2FFC29E3DB}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: user_pref("browser.startup.homepage", "http://start.iminent.com/?appId=DA4016DE-6AC6-403B-B513-87A77A755C8A");

FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\windows\system32\Macromed\AUTHORWA\np32asw.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-4064657657-4253216823-4133322302-1000: gastecnologia.com.br/sf/uni -> C:\Users\Sergio\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll (GAS Tecnologia)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-25]
FF HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [pjaookfpeipnpdmmaofdmeaakjkpjpfh] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S3 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [527928 2014-05-05] (GAS Tecnologia)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-02] (Mister Group)
S3 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
S3 BASSVC; "C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe" -svc [X]
S3 SparkSvc; "C:\Program Files (x86)\baidu\Spark\sparkservice.exe" -r [X]
S3 SparkUpdater; C:\Program Files (x86)\Baidu\SparkUpdate\Sparkupdate.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
S3 ew_hwusbdev; No ImagePath
S3 ew_usbenumfilter; No ImagePath
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 huawei_cdcacm; No ImagePath
S3 huawei_enumerator; No ImagePath
S3 huawei_ext_ctrl; No ImagePath
S3 huawei_wwanecm; No ImagePath
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-01] (Intel Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-06-11] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-05] (Malwarebytes Corporation)
U0 msahci; No ImagePath
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
U5 regi; C:\Windows\System32\Drivers\regi.sys [14112 2007-04-17] (InterVideo)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3300568 2014-12-03] (Realtek Semiconductor Corporation )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-12-03] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-11-22] ()
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
S3 WinRing0_1_2_0; No ImagePath
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 23:11

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-14 22:59 - 2014-12-14 23:03 - 00015245 _____ () C:\Users\Sergio\Desktop\FRST.txt
2014-12-14 22:58 - 2014-12-14 23:00 - 00000000 ____D () C:\FRST
2014-12-14 22:57 - 2014-12-14 22:57 - 02119168 _____ (Farbar) C:\Users\Sergio\Desktop\FRST64.exe
2014-12-14 22:39 - 2014-12-14 22:39 - 00001704 _____ () C:\Users\Sergio\Desktop\JRT.txt
2014-12-14 22:35 - 2014-12-14 22:35 - 00000000 ____D () C:\windows\ERUNT
2014-12-14 22:33 - 2014-12-14 22:33 - 01707646 _____ (Thisisu) C:\Users\Sergio\Desktop\JRT.exe
2014-12-14 18:07 - 2014-12-14 18:07 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-14 18:01 - 2014-12-14 18:01 - 02166272 _____ () C:\Users\Sergio\Desktop\AdwCleaner.exe
2014-12-14 12:57 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-12-14 11:21 - 2014-12-14 13:04 - 00114035 _____ () C:\zoek-results.log
2014-12-14 11:15 - 2014-12-14 12:34 - 00000000 ____D () C:\zoek_backup
2014-12-14 11:11 - 2014-12-07 23:06 - 01429293 _____ () C:\Users\Sergio\Desktop\zoek.exe.scr
2014-12-14 11:11 - 2014-12-07 23:06 - 01429293 _____ () C:\Users\Sergio\Desktop\zoek.exe.com
2014-12-14 11:11 - 2014-11-30 00:27 - 01295360 _____ () C:\Users\Sergio\Desktop\zoek.exe.exe
2014-12-14 11:09 - 2014-12-14 11:10 - 04134156 _____ () C:\Users\Sergio\Desktop\zoek.zip
2014-12-14 08:35 - 2014-12-14 08:35 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-14 08:22 - 2014-10-18 00:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2014-12-14 08:22 - 2014-10-17 23:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2014-12-14 08:16 - 2014-12-04 00:50 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-14 08:16 - 2014-12-04 00:50 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-14 08:16 - 2014-12-04 00:50 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-14 08:16 - 2014-12-04 00:50 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-14 08:16 - 2014-12-04 00:50 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-14 08:16 - 2014-12-04 00:50 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-14 08:16 - 2014-12-04 00:44 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-14 08:16 - 2014-12-01 21:28 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2014-12-14 08:16 - 2014-11-26 23:43 - 00389296 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-14 08:16 - 2014-11-26 23:10 - 00342200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-14 08:16 - 2014-11-22 01:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-14 08:16 - 2014-11-22 01:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-12-14 08:16 - 2014-11-22 01:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-12-14 08:16 - 2014-11-22 00:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-14 08:16 - 2014-11-22 00:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-12-14 08:16 - 2014-11-22 00:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-14 08:16 - 2014-11-22 00:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-12-14 08:16 - 2014-11-22 00:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-14 08:16 - 2014-11-22 00:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-12-14 08:16 - 2014-11-22 00:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-12-14 08:16 - 2014-11-22 00:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-12-14 08:16 - 2014-11-22 00:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-12-14 08:16 - 2014-11-22 00:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-12-14 08:16 - 2014-11-22 00:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-14 08:16 - 2014-11-22 00:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-12-14 08:16 - 2014-11-22 00:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-14 08:16 - 2014-11-22 00:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-14 08:16 - 2014-11-22 00:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-12-14 08:16 - 2014-11-22 00:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-12-14 08:16 - 2014-11-22 00:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-14 08:16 - 2014-11-22 00:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-12-14 08:16 - 2014-11-22 00:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-14 08:16 - 2014-11-22 00:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-14 08:16 - 2014-11-22 00:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-12-14 08:16 - 2014-11-22 00:06 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-12-14 08:16 - 2014-11-22 00:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-14 08:16 - 2014-11-22 00:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-14 08:16 - 2014-11-22 00:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-14 08:16 - 2014-11-21 23:59 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-12-14 08:16 - 2014-11-21 23:58 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-12-14 08:16 - 2014-11-21 23:56 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-12-14 08:16 - 2014-11-21 23:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-12-14 08:16 - 2014-11-21 23:54 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-12-14 08:16 - 2014-11-21 23:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-14 08:16 - 2014-11-21 23:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-14 08:16 - 2014-11-21 23:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-12-14 08:16 - 2014-11-21 23:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-14 08:16 - 2014-11-21 23:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-12-14 08:16 - 2014-11-21 23:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-14 08:16 - 2014-11-21 23:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-14 08:16 - 2014-11-21 23:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-12-14 08:16 - 2014-11-21 23:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-14 08:16 - 2014-11-21 23:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-14 08:16 - 2014-11-21 23:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-14 08:16 - 2014-11-21 23:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-14 08:16 - 2014-11-21 23:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-14 08:16 - 2014-11-21 23:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-14 08:16 - 2014-11-21 23:21 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-12-14 08:16 - 2014-11-21 23:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-14 08:16 - 2014-11-21 23:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-14 08:16 - 2014-11-21 23:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-14 08:16 - 2014-11-21 23:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-14 08:16 - 2014-11-21 22:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-14 08:16 - 2014-11-21 22:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-14 08:16 - 2014-11-11 01:09 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-14 08:16 - 2014-11-11 00:44 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-14 08:16 - 2014-11-10 23:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2014-12-14 08:12 - 2014-11-08 01:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-12-14 08:12 - 2014-11-08 00:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-12-14 08:06 - 2014-10-30 00:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2014-12-14 08:06 - 2014-10-29 23:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2014-12-14 08:06 - 2014-10-03 00:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2014-12-14 08:06 - 2014-10-03 00:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2014-12-14 08:06 - 2014-10-03 00:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2014-12-14 08:06 - 2014-10-03 00:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2014-12-14 08:06 - 2014-10-03 00:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2014-12-14 08:06 - 2014-10-02 23:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2014-12-14 08:06 - 2014-10-02 23:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-14 08:06 - 2014-10-02 23:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2014-12-14 08:06 - 2014-10-02 23:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2014-12-14 08:06 - 2014-10-02 23:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2014-12-14 08:00 - 2014-12-14 08:00 - 00001418 _____ () C:\Users\Sergio\Desktop\Internet Explorer.lnk
2014-12-13 19:22 - 2014-12-14 18:39 - 00000560 _____ () C:\windows\setupact.log
2014-12-13 19:22 - 2014-12-14 18:10 - 00004812 _____ () C:\windows\PFRO.log
2014-12-13 19:22 - 2014-12-13 19:22 - 00000000 _____ () C:\windows\setuperr.log
2014-12-13 11:43 - 2014-12-14 00:24 - 00008043 _____ () C:\Users\Sergio\Downloads\hijackthis.log
2014-12-13 11:41 - 2014-12-13 11:41 - 00388608 _____ (Trend Micro Inc.) C:\Users\Sergio\Downloads\HijackThis.exe
2014-12-13 10:34 - 2014-12-13 11:28 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-12-13 10:33 - 2014-12-13 10:33 - 01903184 _____ (Mister Group ) C:\Users\Sergio\Downloads\SystemExplorerSetup_610.exe
2014-12-13 10:33 - 2014-12-13 10:33 - 00001103 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2014-12-13 10:33 - 2014-12-13 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-12-13 10:33 - 2014-12-13 10:33 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-12-13 10:19 - 2014-12-13 10:21 - 00339384 _____ () C:\windows\system32\FNTCACHE.DAT
2014-12-13 09:07 - 2014-12-13 09:07 - 00085752 _____ () C:\Users\Sergio\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-12 07:41 - 2014-12-14 22:33 - 00609905 _____ () C:\windows\WindowsUpdate.log
2014-12-11 16:22 - 2014-11-25 09:12 - 00450773 _____ () C:\windows\system32\Drivers\etc\hosts.20141211-162247.backup
2014-12-11 08:50 - 2014-12-11 08:50 - 00015712 ____H () C:\windows\SysWOW64\binary_prog_stub
2014-12-09 12:42 - 2014-12-09 12:43 - 37962608 _____ () C:\Users\Sergio\Downloads\como deixar o windows 7 100% mais rápido ( sem programas 2014 ).mp4
2014-12-09 12:27 - 2014-12-09 12:28 - 71874578 _____ () C:\Users\Sergio\Downloads\como deixa seu pc rapido. sem ficar travando ou demorando pra carega janela.mp4
2014-12-07 12:08 - 2014-12-07 12:08 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Sergio\Downloads\SpyHunter-Installer.exe
2014-12-05 08:34 - 2014-12-05 08:34 - 01881435 _____ () C:\Users\Sergio\Downloads\Video(1).mov
2014-12-04 08:06 - 2014-12-04 08:06 - 00000025 _____ () C:\Users\Sergio\Desktop\pluginbarseq.json
2014-12-03 13:51 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2014-12-03 13:51 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2014-12-03 13:51 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll
2014-12-03 13:51 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_7.dll
2014-12-03 13:51 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2014-12-03 13:51 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2014-12-03 13:51 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2014-12-03 13:51 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_6.dll
2014-12-03 13:51 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_6.dll
2014-12-03 13:51 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_6.dll
2014-12-03 13:51 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_6.dll
2014-12-03 13:51 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_4.dll
2014-12-03 13:51 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_4.dll
2014-12-03 13:51 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_7.dll
2014-12-03 13:51 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_7.dll
2014-12-03 13:50 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_5.dll
2014-12-03 13:50 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_5.dll
2014-12-03 13:50 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_5.dll
2014-12-03 13:50 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_3.dll
2014-12-03 13:50 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_42.dll
2014-12-03 13:50 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_42.dll
2014-12-03 13:50 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_42.dll
2014-12-03 13:50 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_42.dll
2014-12-03 13:50 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_42.dll
2014-12-03 13:50 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2014-12-03 13:50 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_42.dll
2014-12-03 13:50 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_42.dll
2014-12-03 13:50 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_4.dll
2014-12-03 13:50 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_4.dll
2014-12-03 13:50 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_4.dll
2014-12-03 13:50 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_4.dll
2014-12-03 13:50 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_6.dll
2014-12-03 13:50 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_6.dll
2014-12-03 13:50 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2014-12-03 13:50 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll
2014-12-03 13:50 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_41.dll
2014-12-03 13:50 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_41.dll
2014-12-03 13:50 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll
2014-12-03 13:50 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll
2014-12-03 13:50 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll
2014-12-03 13:50 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll
2014-12-03 13:50 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll
2014-12-03 13:50 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll
2014-12-03 13:50 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll
2014-12-03 13:50 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll
2014-12-03 13:50 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll
2014-12-03 13:50 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll
2014-12-03 13:50 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll
2014-12-03 13:50 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll
2014-12-03 13:50 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_40.dll
2014-12-03 13:50 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_40.dll
2014-12-03 13:50 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll
2014-12-03 13:50 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll
2014-12-03 13:50 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll
2014-12-03 13:50 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2014-12-03 13:50 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll
2014-12-03 13:50 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2014-12-03 13:50 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2014-12-03 13:50 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_39.dll
2014-12-03 13:50 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2014-12-03 13:50 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_39.dll
2014-12-03 13:50 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2014-12-03 13:50 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_39.dll
2014-12-03 13:50 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2014-12-03 13:50 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2014-12-03 13:50 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2014-12-03 13:50 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2014-12-03 13:50 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2014-12-03 13:50 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2014-12-03 13:50 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2014-12-03 13:50 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2014-12-03 13:50 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2014-12-03 13:50 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2014-12-03 13:50 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2014-12-03 13:50 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2014-12-03 13:50 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2014-12-03 13:50 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2014-12-03 13:50 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2014-12-03 13:50 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2014-12-03 13:50 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2014-12-03 13:50 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2014-12-03 13:50 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2014-12-03 13:50 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2014-12-03 13:50 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2014-12-03 13:50 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2014-12-03 13:50 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2014-12-03 13:50 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2014-12-03 13:50 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2014-12-03 13:50 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2014-12-03 13:44 - 2014-12-03 13:44 - 00319912 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2014-12-03 13:44 - 2014-12-03 13:44 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2014-12-03 13:44 - 2014-12-03 13:44 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
2014-12-03 13:44 - 2014-12-03 13:44 - 00111016 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2014-12-03 13:44 - 2014-12-03 13:44 - 00000000 ____D () C:\Program Files\Java
2014-12-03 13:43 - 2014-12-03 13:42 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-12-03 13:43 - 2014-12-03 13:42 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-12-03 13:43 - 2014-12-03 13:42 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-12-03 13:43 - 2014-12-03 13:42 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-03 13:42 - 2014-12-03 13:42 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-03 13:40 - 2014-12-03 13:40 - 00033008 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\Smb_driver_Intel.sys
2014-12-03 13:38 - 2014-12-03 13:38 - 03300568 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-12-03 09:56 - 2014-12-07 11:33 - 00003170 _____ () C:\windows\System32\Tasks\SmartDefrag3_Startup
2014-12-03 09:56 - 2014-12-07 11:33 - 00003168 _____ () C:\windows\System32\Tasks\SmartDefrag3_Update
2014-12-03 09:38 - 2014-12-03 09:38 - 00001190 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-12-03 09:38 - 2014-12-03 09:38 - 00001183 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-12-03 09:38 - 2014-12-03 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-12-03 09:38 - 2014-12-03 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-12-03 09:38 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\windows\system32\Drivers\SmartDefragDriver.sys
2014-12-03 09:21 - 2014-12-07 11:34 - 00002890 _____ () C:\windows\System32\Tasks\Uninstaller_SkipUac_Sergio
2014-12-03 09:21 - 2014-12-03 13:51 - 00002161 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2014-12-03 09:21 - 2014-12-03 09:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-03 09:20 - 2014-12-07 11:33 - 00003170 _____ () C:\windows\System32\Tasks\ASC8_PerformanceMonitor
2014-12-03 09:11 - 2014-12-03 09:11 - 00001251 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-12-03 09:10 - 2014-12-07 11:33 - 00002858 _____ () C:\windows\System32\Tasks\ASC8_SkipUac_Sergio
2014-12-03 09:09 - 2014-12-13 18:58 - 00002198 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-03 09:09 - 2014-12-03 09:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-03 09:04 - 2014-12-03 09:05 - 43043624 _____ (IObit ) C:\Users\Sergio\Downloads\advanced-systemcare-setup.exe
2014-12-01 08:47 - 2014-12-01 08:50 - 00000000 ____D () C:\Escritura Venda Casa Senalba
2014-11-30 18:17 - 2014-11-30 18:17 - 00007088 _____ () C:\bootsqm.dat
2014-11-30 15:05 - 2014-07-16 06:24 - 00029496 _____ (TuneUp Software) C:\windows\system32\authuitu.dll
2014-11-30 15:05 - 2014-07-16 06:24 - 00025400 _____ (TuneUp Software) C:\windows\SysWOW64\authuitu.dll
2014-11-30 15:04 - 2014-07-16 06:24 - 00043320 _____ (TuneUp Software) C:\windows\system32\uxtuneup.dll
2014-11-30 15:04 - 2014-07-16 06:24 - 00036152 _____ (TuneUp Software) C:\windows\SysWOW64\uxtuneup.dll
2014-11-24 13:45 - 2014-11-24 13:45 - 00000000 __SHD () C:\Users\Sergio\AppData\Local\EmieUserList
2014-11-24 13:45 - 2014-11-24 13:45 - 00000000 __SHD () C:\Users\Sergio\AppData\Local\EmieSiteList
2014-11-24 13:45 - 2014-11-24 13:45 - 00000000 __SHD () C:\Users\Sergio\AppData\Local\EmieBrowserModeList
2014-11-21 16:41 - 2014-11-11 01:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-21 16:41 - 2014-11-11 01:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-21 16:41 - 2014-11-11 00:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-21 16:41 - 2014-11-11 00:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-21 16:06 - 2014-11-22 10:23 - 00016152 _____ () C:\windows\system32\Drivers\SWDUMon.sys
2014-11-21 16:06 - 2014-11-21 16:06 - 00000000 ____D () C:\Users\Sergio\AppData\Local\SlimWare Utilities Inc
2014-11-21 16:05 - 2014-11-21 16:05 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-11-21 16:04 - 2014-11-21 16:05 - 00940352 _____ (SlimWare Utilities, Inc.) C:\Users\Sergio\Downloads\SlimDrivers-setup (1).exe
2014-11-21 13:16 - 2014-11-21 13:18 - 86989752 _____ (Intel Corporation) C:\Users\Sergio\Downloads\intel_n0acd8b67bbd0.exe
2014-11-21 10:33 - 2014-11-21 10:33 - 00016896 _____ (ASUS) C:\windows\AsTaskSched.dll
2014-11-21 10:26 - 2014-11-21 10:27 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-11-21 10:26 - 2014-11-21 10:26 - 00001769 _____ () C:\windows\Language_trs.ini
2014-11-21 10:26 - 2014-01-28 01:16 - 00028672 _____ (ASUSTek Computer Inc.) C:\windows\SysWOW64\AsIO.dll
2014-11-21 10:26 - 2014-01-28 01:16 - 00015232 _____ () C:\windows\SysWOW64\Drivers\AsIO.sys
2014-11-21 10:17 - 2014-11-21 10:23 - 322802903 _____ () C:\Users\Sergio\Downloads\asus_n5b108276af07.zip
2014-11-19 09:01 - 2014-12-05 14:20 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-19 09:00 - 2014-12-05 14:19 - 00001123 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-19 09:00 - 2014-12-05 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-19 09:00 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-19 09:00 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-19 09:00 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-19 08:53 - 2014-11-19 08:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Sergio\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-17 18:49 - 2014-11-17 18:49 - 00000327 _____ () C:\Users\Sergio\Desktop\Ferramentas de diagnóstico da impressora HP.url
2014-11-17 18:36 - 2014-11-17 18:36 - 00000000 ____D () C:\windows\Hewlett-Packard
2014-11-17 10:04 - 2014-11-17 10:04 - 02436902 _____ () C:\Users\Sergio\AppData\Local[j0002]-[p12].bmp
2014-11-17 10:04 - 2014-11-17 10:04 - 02436902 _____ () C:\Users\Sergio\AppData\Local[j0002]-[p11].bmp
2014-11-17 10:04 - 2014-11-17 10:04 - 02436902 _____ () C:\Users\Sergio\AppData\Local[j0002]-[p10].bmp
2014-11-17 10:00 - 2014-11-17 10:31 - 00000000 ____D () C:\Users\Sergio\Documents\Arras Venda Senalba
2014-11-16 18:02 - 2014-11-20 07:52 - 00000000 ____D () C:\Certidão de Casamento
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 23:11

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-14 22:43 - 2013-09-13 08:42 - 00000000 ____D () C:\Users\Sergio\AppData\Local\CrashDumps
2014-12-14 22:16 - 2011-06-17 20:36 - 00000000 ____D () C:\Filmes
2014-12-14 18:47 - 2009-07-14 02:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-14 18:47 - 2009-07-14 02:45 - 00019248 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-14 18:39 - 2009-07-14 03:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-14 18:07 - 2014-02-17 18:57 - 00000000 ____D () C:\AdwCleaner
2014-12-14 13:04 - 2014-08-16 14:13 - 00000008 __RSH () C:\Users\Sergio\ntuser.pol
2014-12-14 13:04 - 2014-04-18 10:44 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-14 13:04 - 2013-06-20 15:48 - 00000000 ____D () C:\Users\Sergio
2014-12-14 12:50 - 2013-06-21 12:58 - 00000000 ____D () C:\Users\Sergio\AppData\Local\PokerStars
2014-12-14 12:34 - 2014-10-29 09:16 - 00000000 ____D () C:\Users\Sergio\AppData\Local\Comodo
2014-12-14 12:34 - 2014-10-29 09:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-14 12:34 - 2014-10-29 09:16 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-14 12:34 - 2014-10-29 09:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-12-14 12:34 - 2014-10-29 09:16 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-12-14 12:34 - 2014-10-29 09:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-12-14 12:34 - 2014-10-29 09:16 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-12-14 12:34 - 2013-06-20 16:11 - 00000000 ____D () C:\Users\Sergio\AppData\Local\Google
2014-12-14 12:16 - 2009-07-14 01:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-12-14 12:16 - 2009-07-14 01:20 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-12-14 11:24 - 2014-11-02 10:38 - 00005609 ____H () C:\windows\SysWOW64\BTImages.dat
2014-12-14 09:48 - 2014-09-25 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-14 09:48 - 2014-04-30 21:44 - 00002547 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-12-14 09:48 - 2013-06-20 16:55 - 00000000 ____D () C:\ProgramData\Skype
2014-12-14 08:35 - 2014-09-30 14:45 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-14 08:35 - 2009-07-14 01:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-14 08:32 - 2013-08-14 13:51 - 00000000 ____D () C:\windows\system32\MRT
2014-12-14 08:24 - 2013-06-30 12:43 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-14 00:23 - 2013-08-24 13:34 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-12-13 23:11 - 2013-08-05 10:07 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-13 23:07 - 2013-01-01 12:47 - 00000000 ____D () C:\Series
2014-12-13 15:40 - 2014-09-30 12:35 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\IObit
2014-12-13 15:40 - 2013-06-21 13:18 - 00000000 ____D () C:\windows\system32\Macromed
2014-12-13 15:40 - 2009-07-14 01:20 - 00000000 ____D () C:\windows\servicing
2014-12-13 15:40 - 2009-07-14 01:20 - 00000000 ____D () C:\windows\registration
2014-12-13 15:40 - 2009-07-14 01:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-13 15:39 - 2014-11-02 09:51 - 00000000 ____D () C:\Users\Sergio\Desktop\Tor Browser
2014-12-13 15:39 - 2014-07-07 20:13 - 00000000 ____D () C:\Users\Sergio\AppData\Local\GAS Tecnologia
2014-12-13 15:39 - 2009-07-14 01:20 - 00000000 ____D () C:\windows\AppCompat
2014-12-13 11:43 - 2013-06-20 15:49 - 00000000 ____D () C:\Users\Sergio\AppData\Local\VirtualStore
2014-12-12 12:19 - 2014-07-07 20:12 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2014-12-12 08:42 - 2014-10-27 13:52 - 00004060 _____ () C:\windows\System32\Tasks\SparkUpdater
2014-12-11 14:22 - 2013-06-23 13:08 - 00000000 ____D () C:\Users\Sergio\AppData\Local\FullTiltPoker
2014-12-11 14:22 - 2013-06-23 13:08 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-12-08 20:01 - 2013-06-20 16:15 - 00000000 ____D () C:\windows\Minidump
2014-12-08 14:34 - 2013-12-05 17:31 - 00000000 ____D () C:\Users\Sergio\Documents\Minhas digitalizações
2014-12-07 12:15 - 2014-08-24 15:44 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-12-07 11:33 - 2014-09-30 12:36 - 00002858 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Sergio)
2014-12-06 11:36 - 2014-08-26 14:37 - 00001156 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player PRO.lnk
2014-12-06 11:36 - 2014-08-26 14:37 - 00001150 _____ () C:\Users\Public\Desktop\BS.Player PRO.lnk
2014-12-05 14:19 - 2014-09-18 18:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-05 10:38 - 2013-06-20 16:55 - 00000000 ____D () C:\Users\Sergio\AppData\Roaming\Skype
2014-12-04 07:56 - 2014-10-11 11:38 - 00000902 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-03 13:46 - 2014-02-19 17:25 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-12-03 13:46 - 2014-02-19 17:25 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-03 13:46 - 2014-02-19 17:25 - 00003842 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-03 09:38 - 2014-09-30 12:34 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-12-03 09:10 - 2014-09-30 12:35 - 00000000 ____D () C:\ProgramData\IObit
2014-12-03 02:56 - 2013-06-21 18:16 - 00000000 ____D () C:\windows\System32\Tasks\Games
2014-11-30 15:06 - 2014-11-05 08:38 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-11-24 14:04 - 2013-06-20 17:47 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-11-24 13:44 - 2010-10-27 01:28 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-24 13:29 - 2013-08-05 10:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-24 11:28 - 2013-06-21 12:58 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-11-21 09:20 - 2009-07-14 00:34 - 86769664 _____ () C:\windows\system32\config\SOFTWARE_tureg_old
2014-11-21 09:20 - 2009-07-14 00:34 - 29622272 _____ () C:\windows\system32\config\SYSTEM_tureg_old
2014-11-21 09:20 - 2009-07-14 00:34 - 00024576 _____ () C:\windows\system32\config\SECURITY_tureg_old
2014-11-21 09:15 - 2009-07-14 00:34 - 44408832 _____ () C:\windows\system32\config\COMPONENTS_tureg_old
2014-11-21 09:15 - 2009-07-14 00:34 - 04980736 _____ () C:\windows\system32\config\DEFAULT_tureg_old
2014-11-21 09:15 - 2009-07-14 00:34 - 00057344 _____ () C:\windows\system32\config\SAM_tureg_old
2014-11-20 18:58 - 2013-07-25 23:17 - 00054784 ___SH () C:\Users\Sergio\Documents\Thumbs.db
2014-11-17 18:39 - 2013-11-25 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-16 13:39 - 2009-07-14 00:34 - 00450773 ____R () C:\windows\system32\Drivers\etc\hosts.20141125-091204.backup

Some content of TEMP:
====================
C:\Users\Sergio\AppData\Local\Temp\Quarantine.exe
C:\Users\Sergio\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 23:13

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01
Ran by Sergio at 2014-12-14 23:05:31
Running from C:\Users\Sergio\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3600_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Arquivo do WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version: - Microsoft)
Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}) (Version: - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version: - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version: - Microsoft)
BPD_Scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.67.1076 - AB Team, d.o.o.)
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - )
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.3.916 - Foxit Software Inc.)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 5.19.0.WIN.FullTilt.COM - )
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Guardião - Itaú 30 horas (HKLM-x32\...\{70e5f739-1d2a-40ae-bbc9-4b3e6af4c831}_is1) (Version: 3.8.0.1 - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP OfficeJet J3600 (HKLM\...\{269402AB-D600-4961-80EF-779CB346D29E}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.5.24 - IObit)
IRPF2014 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM-x32\...\IRPF2014) (Version: 1.4 - Receita Federal do Brasil)
J3600 (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
Malwarebytes Anti-Malware versão 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.104 - Panda Security)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars) <==== ATTENTION!
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.04 - Serpro - Serviço Federal de Processamento de Dados)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: - )
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.2.13 - Synaptics Incorporated)
System Explorer 6.1.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - TOSHIBA CORPORATION)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (pt-BR) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
ZoneAlarm Antivirus (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Dom 14 Dez 2014, 23:14

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4064657657-4253216823-4133322302-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0013}\InprocServer32 -> C:\Users\Sergio\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-4064657657-4253216823-4133322302-1000_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0013}\InprocServer32 -> C:\Users\Sergio\AppData\Local\GAS Tecnologia\GBBD\npsf_uni_64.dll (GAS Tecnologia)

==================== Restore Points =========================

12-12-2014 13:42:32 Windows Update
13-12-2014 11:09:59 Driver Booster : Adobe Flash Player ActiveX
13-12-2014 11:25:35 Installed TOSHIBA System Driver.
13-12-2014 12:46:19 Windows Update
14-12-2014 10:17:40 Windows Update
14-12-2014 13:21:24 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 00:34 - 2014-12-11 16:23 - 00450831 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 008k.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 032439.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 1001namen.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 100888290cs.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 123haustiereundmehr.com
127.0.0.1 [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06D05863-8E65-4671-83B5-5BB56D7E7758} - System32\Tasks\{41455088-26F2-4372-BA61-EB6B9392F45F} => C:\Program Files (x86)\PokerStars\Tracer.exe [2013-06-21] (PokerStars)
Task: {15D55F0C-F586-497E-AF92-0535C6940BED} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-03] (Adobe Systems Incorporated)
Task: {1FB12929-0CA0-4265-82BA-517A617D41A9} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {2C4C38C6-CD53-4493-87E2-5E2B68C07C07} - System32\Tasks\{69192696-DE8E-4C3D-BFA4-AFCDBF8EA3EE} => pcalua.exe -a C:\Users\Sergio\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {3BE47CD1-99B1-47FC-ADE0-62147BEC8C47} - System32\Tasks\{F54341E1-E1E6-4773-817E-475B6D23D0A7} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {3D9C0A88-318B-42E7-8F46-2526774C68BC} - System32\Tasks\{2D449190-32D1-461D-A630-1A4103BA70DF} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {3F6F19C1-645B-4D07-B207-BFC9DD36F35C} - System32\Tasks\{B372FAC9-E728-4DA7-86AD-00BA4CAD4489} => pcalua.exe -a "C:\Users\Sergio\AppData\Roaming\Easeware\DriverEasy\drivers\sk5dh1xb.trv\chipset INFs\Ssetup.exe" -d "C:\Users\Sergio\AppData\Roaming\Easeware\DriverEasy\drivers\sk5dh1xb.trv\chipset INFs"
Task: {45CCE12C-AC2F-4922-B630-174520BD4CFA} - System32\Tasks\{A1F85854-B40C-4157-8C6B-CAC66C811C25} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {4E2DB6D1-61AF-4A63-AB64-1F0AB8F54779} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {553F06A9-622D-4B6A-9A84-38172E0E03CC} - System32\Tasks\{A7A1692C-5A64-4CA7-8BCC-711527B7028F} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {71607D8D-6255-4B3C-A7B8-3C59321487D8} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-26] (IObit)
Task: {7282923A-2FC5-4370-9A58-D815BA358768} - System32\Tasks\{38BE1A07-DD1D-4D23-A92D-92B2A889D29B} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {75F52AE7-5C3A-425D-A5AE-25ACD9841CD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {7B66238B-BAA0-4F05-BFEF-CD8C1D5ADE52} - System32\Tasks\{EC718F39-6604-4C52-B5A7-ABEFE8C97137} => C:\Program Files (x86)\PokerStars\Tracer.exe [2013-06-21] (PokerStars)
Task: {7F9DF3B9-7E13-4FBB-B6C6-905144738C10} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {8025E6C7-A16E-4C17-99F2-1E1CFC1FD4B3} - System32\Tasks\{931C02BC-85DE-424B-AEED-F019F43F805E} => pcalua.exe -a C:\Users\Sergio\AppData\Roaming\Easeware\DriverEasy\drivers\5qcnpzqc.bgk\Win7Vista_64_152258.exe -d C:\Users\Sergio\AppData\Roaming\Easeware\DriverEasy\drivers\5qcnpzqc.bgk
Task: {895DB7ED-90B5-4B2E-B942-FDE7F01C1899} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Spark\SparkUpdate.exe
Task: {8E0DC012-9D64-45FD-B4DD-1CC2AC68C2C7} - System32\Tasks\{F16D5B09-B43C-4A43-93F7-53790F4D4DA2} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {93472383-679A-42A1-A124-A78ED1075A7B} - System32\Tasks\{FD9F3268-0665-47CF-9AAC-4E4A39A50256} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {A1872ACD-17E2-4A6A-A907-8A873ABAF691} - System32\Tasks\{FDE2E1C9-15C7-47CC-AED0-72940940E669} => pcalua.exe -a C:\Users\Sergio\Downloads\comprovante-reemetido-do-vencimento-04-2014.cpl
Task: {A4B9F44C-8D53-4341-B7E1-C4144B97B65C} - System32\Tasks\{3FC5EE11-5DF2-4C77-BCD3-04389D716636} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {B05663AC-A852-48B8-85D0-B298DB5046E3} - System32\Tasks\{6371DB09-B7AE-4BD3-B595-6F346A8FA76F} => pcalua.exe -a E:\Claro\Setup.exe -d E:\Claro
Task: {B8EBD2E4-8CA4-4ABF-8785-0A890AB04F83} - System32\Tasks\{5BD34FD2-E6B4-4357-A955-D7B9C724B394} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {BCF4A1EC-A654-415C-AAE0-52AF5F1FC8A3} - System32\Tasks\Java Update Scheduler => c:\program files (x86)\common files\java\java update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {C16A2961-1A90-46AB-B12C-E538CF4B19D4} - System32\Tasks\Driver Booster SkipUAC (Sergio) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-10-28] (IObit)
Task: {C3FB454D-AAE3-4A22-A7C0-3F76F9F72819} - System32\Tasks\ASC8_SkipUac_Sergio => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-26] (IObit)
Task: {CA6C4EAA-365D-4D7C-A352-8BFEB4C13965} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {CC2BD2DC-A31E-423B-8FBE-B2EC7CE28845} - System32\Tasks\Uninstaller_SkipUac_Sergio => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-11-04] (IObit)
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {EE2E585A-5E6F-4D9B-B414-0E1073307E7A} - System32\Tasks\{55440E39-0B9B-4AB1-AE7B-82419C1E0DE0} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {FD35AD41-8B50-48FB-B54F-B036D3506A5A} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-11-04] (IObit)
Task: {FD645717-4417-49DF-BE66-243D695A36F7} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-12-03 09:09 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\windows\System32:E8DDA633_Uni.gbp
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Sergio\Documents\Oi Telefone.tiff:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Sergio\Documents\Oi Telefone.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: PCAppStoreSvc_{PCAppStore_3.15.8.4011} => 2
MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: HWSetup => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: KeNotify => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
MSCONFIG\startupreg: RtHDVCpl => c:\program files\realtek\audio\hda\ravcpl64.exe -s
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: SVPWUTIL => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

========================= Accounts: ==========================

Administrator (S-1-5-21-4064657657-4253216823-4133322302-500 - Administrator - Disabled)
Guest (S-1-5-21-4064657657-4253216823-4133322302-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4064657657-4253216823-4133322302-1045 - Limited - Enabled)
Sergio (S-1-5-21-4064657657-4253216823-4133322302-1000 - Administrator - Enabled) => C:\Users\Sergio

==================== Faulty Device Manager Devices =============

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2014 10:43:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17496, time stamp: 0x546fddcc
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x628
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-12-13 08:33:04.233
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-13 08:33:00.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-06 19:17:58.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-06 19:17:58.861
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-06 19:17:54.900
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-12-06 19:17:54.898
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-18 12:15:21.774
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-18 12:15:21.772
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-18 12:15:15.738
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-11-18 12:15:15.737
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 95%
Total physical RAM: 3890.67 MB
Available physical RAM: 163.85 MB
Total Pagefile: 11888.85 MB
Available Pagefile: 7281.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (windows) (Fixed) (Total:452.7 GB) (Free:164.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 9EEF59AB)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=452.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.6 GB) - (Type=17)

==================== End Of Log ============================
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por joram Seg 15 Dez 2014, 00:01

Boa Noite! binalima

> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as no desktop! /!\ C:\Users\Sergio\Desktop /!\

start
CloseProcesses: 
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {197d8b67-b83e-11e3-ad24-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {1980275b-b848-11e3-8e8d-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {286a0033-b840-11e3-8429-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {2fa6043c-b610-11e3-816b-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {48f0cd64-16e7-11e3-894d-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {48f0cd73-16e7-11e3-894d-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {6382ee29-b60a-11e3-b40a-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {6b829983-4b87-11e3-a2ca-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {766c97df-b5ae-11e3-9333-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {766c97df-b5ae-11e3-9333-1c75087e7a2c} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll No File
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
FF ProfilePath: user_pref("browser.startup.homepage", "http://start.iminent.com/?appId=DA4016DE-6AC6-403B-B513-87A77A755C8A");
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - No Path
CHR HKLM-x32\...\Chrome\Extension: [pjaookfpeipnpdmmaofdmeaakjkpjpfh] - No Path
S3 BASSVC; "C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe" -svc [X]
S3 SparkSvc; "C:\Program Files (x86)\baidu\Spark\sparkservice.exe" -r [X]
S3 SparkUpdater; C:\Program Files (x86)\Baidu\SparkUpdate\Sparkupdate.exe [X]
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-05] (Malwarebytes Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-12-14 22:39 - 2014-12-14 22:39 - 00001704 _____ () C:\Users\Sergio\Desktop\JRT.txt
2014-12-14 22:33 - 2014-12-14 22:33 - 01707646 _____ (Thisisu) C:\Users\Sergio\Desktop\JRT.exe
2014-12-14 18:01 - 2014-12-14 18:01 - 02166272 _____ () C:\Users\Sergio\Desktop\AdwCleaner.exe
2014-12-14 12:57 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-12-14 11:21 - 2014-12-14 13:04 - 00114035 _____ () C:\zoek-results.log
2014-12-14 11:15 - 2014-12-14 12:34 - 00000000 ____D () C:\zoek_backup
2014-12-14 11:11 - 2014-12-07 23:06 - 01429293 _____ () C:\Users\Sergio\Desktop\zoek.exe.scr
2014-12-14 11:11 - 2014-12-07 23:06 - 01429293 _____ () C:\Users\Sergio\Desktop\zoek.exe.com
2014-12-14 11:11 - 2014-11-30 00:27 - 01295360 _____ () C:\Users\Sergio\Desktop\zoek.exe.exe
2014-12-14 11:09 - 2014-12-14 11:10 - 04134156 _____ () C:\Users\Sergio\Desktop\zoek.zip
2014-12-13 19:22 - 2014-12-14 18:39 - 00000560 _____ () C:\windows\setupact.log
2014-12-13 19:22 - 2014-12-14 18:10 - 00004812 _____ () C:\windows\PFRO.log
2014-12-13 19:22 - 2014-12-13 19:22 - 00000000 _____ () C:\windows\setuperr.log
2014-12-13 11:43 - 2014-12-14 00:24 - 00008043 _____ () C:\Users\Sergio\Downloads\hijackthis.log
2014-12-13 11:41 - 2014-12-13 11:41 - 00388608 _____ (Trend Micro Inc.) C:\Users\Sergio\Downloads\HijackThis.exe
2014-12-07 12:08 - 2014-12-07 12:08 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Sergio\Downloads\SpyHunter-Installer.exe
2014-11-19 09:01 - 2014-12-05 14:20 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-19 09:00 - 2014-12-05 14:19 - 00001123 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-19 09:00 - 2014-12-05 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-19 09:00 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-19 09:00 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-19 09:00 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-19 08:53 - 2014-11-19 08:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Sergio\Downloads\mbam-setup-2.0.3.1025.exe
2014-12-14 18:07 - 2014-02-17 18:57 - 00000000 ____D () C:\AdwCleaner
2014-12-14 00:23 - 2013-08-24 13:34 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-12-13 23:11 - 2013-08-05 10:07 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-12 08:42 - 2014-10-27 13:52 - 00004060 _____ () C:\windows\System32\Tasks\SparkUpdater
2014-12-05 14:19 - 2014-09-18 18:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-24 13:29 - 2013-08-05 10:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
C:\Users\Sergio\AppData\Local\Temp\Quarantine.exe
C:\Users\Sergio\AppData\Local\Temp\sqlite3.dll
Task: {06D05863-8E65-4671-83B5-5BB56D7E7758} - System32\Tasks\{41455088-26F2-4372-BA61-EB6B9392F45F} => C:\Program Files (x86)\PokerStars\Tracer.exe [2013-06-21] (PokerStars)
Task: {3BE47CD1-99B1-47FC-ADE0-62147BEC8C47} - System32\Tasks\{F54341E1-E1E6-4773-817E-475B6D23D0A7} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {3D9C0A88-318B-42E7-8F46-2526774C68BC} - System32\Tasks\{2D449190-32D1-461D-A630-1A4103BA70DF} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {45CCE12C-AC2F-4922-B630-174520BD4CFA} - System32\Tasks\{A1F85854-B40C-4157-8C6B-CAC66C811C25} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {4E2DB6D1-61AF-4A63-AB64-1F0AB8F54779} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {553F06A9-622D-4B6A-9A84-38172E0E03CC} - System32\Tasks\{A7A1692C-5A64-4CA7-8BCC-711527B7028F} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {7282923A-2FC5-4370-9A58-D815BA358768} - System32\Tasks\{38BE1A07-DD1D-4D23-A92D-92B2A889D29B} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {7B66238B-BAA0-4F05-BFEF-CD8C1D5ADE52} - System32\Tasks\{EC718F39-6604-4C52-B5A7-ABEFE8C97137} => C:\Program Files (x86)\PokerStars\Tracer.exe [2013-06-21] (PokerStars)
Task: {895DB7ED-90B5-4B2E-B942-FDE7F01C1899} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Spark\SparkUpdate.exe
Task: {8E0DC012-9D64-45FD-B4DD-1CC2AC68C2C7} - System32\Tasks\{F16D5B09-B43C-4A43-93F7-53790F4D4DA2} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {93472383-679A-42A1-A124-A78ED1075A7B} - System32\Tasks\{FD9F3268-0665-47CF-9AAC-4E4A39A50256} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {A4B9F44C-8D53-4341-B7E1-C4144B97B65C} - System32\Tasks\{3FC5EE11-5DF2-4C77-BCD3-04389D716636} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {B8EBD2E4-8CA4-4ABF-8785-0A890AB04F83} - System32\Tasks\{5BD34FD2-E6B4-4357-A955-D7B9C724B394} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {EE2E585A-5E6F-4D9B-B414-0E1073307E7A} - System32\Tasks\{55440E39-0B9B-4AB1-AE7B-82419C1E0DE0} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {FD645717-4417-49DF-BE66-243D695A36F7} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
hosts:
emptytemp:
end

> Execute FRST/FRST64 >> Clique "Fix" << Aguarde!
> Na mensagem,clique Executar
> Poste o relatório! (Fixlog.txt)

A+
joram
joram
Administrador
Administrador

Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Seg 15 Dez 2014, 07:20

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2014 01
Ran by Sergio at 2014-12-15 07:03:51 Run:1
Running from C:\Users\Sergio\Desktop
Loaded Profile: Sergio (Available profiles: Sergio)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {197d8b67-b83e-11e3-ad24-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {1980275b-b848-11e3-8e8d-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {286a0033-b840-11e3-8429-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {2fa6043c-b610-11e3-816b-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {48f0cd64-16e7-11e3-894d-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {48f0cd73-16e7-11e3-894d-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {6382ee29-b60a-11e3-b40a-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {6b829983-4b87-11e3-a2ca-88252ce51665} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {766c97df-b5ae-11e3-9333-1c75087e7a2c} - E:\AutoRun.exe
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\...\MountPoints2: {766c97df-b5ae-11e3-9333-1c75087e7a2c} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll No File
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
FF ProfilePath: user_pref("browser.startup.homepage", "http://start.iminent.com/?appId=DA4016DE-6AC6-403B-B513-87A77A755C8A");
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aaaajabnoiehionljhjpclogplgillib] - No Path
CHR HKLM-x32\...\Chrome\Extension: [pjaookfpeipnpdmmaofdmeaakjkpjpfh] - No Path
S3 BASSVC; "C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.3611\bassvc.exe" -svc [X]
S3 SparkSvc; "C:\Program Files (x86)\baidu\Spark\sparkservice.exe" -r [X]
S3 SparkUpdater; C:\Program Files (x86)\Baidu\SparkUpdate\Sparkupdate.exe [X]
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-05] (Malwarebytes Corporation)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 BprotectEx; \??\C:\windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
2014-12-14 22:39 - 2014-12-14 22:39 - 00001704 _____ () C:\Users\Sergio\Desktop\JRT.txt
2014-12-14 22:33 - 2014-12-14 22:33 - 01707646 _____ (Thisisu) C:\Users\Sergio\Desktop\JRT.exe
2014-12-14 18:01 - 2014-12-14 18:01 - 02166272 _____ () C:\Users\Sergio\Desktop\AdwCleaner.exe
2014-12-14 12:57 - 2014-02-13 23:59 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-12-14 11:21 - 2014-12-14 13:04 - 00114035 _____ () C:\zoek-results.log
2014-12-14 11:15 - 2014-12-14 12:34 - 00000000 ____D () C:\zoek_backup
2014-12-14 11:11 - 2014-12-07 23:06 - 01429293 _____ () C:\Users\Sergio\Desktop\zoek.exe.scr
2014-12-14 11:11 - 2014-12-07 23:06 - 01429293 _____ () C:\Users\Sergio\Desktop\zoek.exe.com
2014-12-14 11:11 - 2014-11-30 00:27 - 01295360 _____ () C:\Users\Sergio\Desktop\zoek.exe.exe
2014-12-14 11:09 - 2014-12-14 11:10 - 04134156 _____ () C:\Users\Sergio\Desktop\zoek.zip
2014-12-13 19:22 - 2014-12-14 18:39 - 00000560 _____ () C:\windows\setupact.log
2014-12-13 19:22 - 2014-12-14 18:10 - 00004812 _____ () C:\windows\PFRO.log
2014-12-13 19:22 - 2014-12-13 19:22 - 00000000 _____ () C:\windows\setuperr.log
2014-12-13 11:43 - 2014-12-14 00:24 - 00008043 _____ () C:\Users\Sergio\Downloads\hijackthis.log
2014-12-13 11:41 - 2014-12-13 11:41 - 00388608 _____ (Trend Micro Inc.) C:\Users\Sergio\Downloads\HijackThis.exe
2014-12-07 12:08 - 2014-12-07 12:08 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Sergio\Downloads\SpyHunter-Installer.exe
2014-11-19 09:01 - 2014-12-05 14:20 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-19 09:00 - 2014-12-05 14:19 - 00001123 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-19 09:00 - 2014-12-05 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-19 09:00 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-11-19 09:00 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-11-19 09:00 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-11-19 08:53 - 2014-11-19 08:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Sergio\Downloads\mbam-setup-2.0.3.1025.exe
2014-12-14 18:07 - 2014-02-17 18:57 - 00000000 ____D () C:\AdwCleaner
2014-12-14 00:23 - 2013-08-24 13:34 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-12-13 23:11 - 2013-08-05 10:07 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-12 08:42 - 2014-10-27 13:52 - 00004060 _____ () C:\windows\System32\Tasks\SparkUpdater
2014-12-05 14:19 - 2014-09-18 18:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-24 13:29 - 2013-08-05 10:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
C:\Users\Sergio\AppData\Local\Temp\Quarantine.exe
C:\Users\Sergio\AppData\Local\Temp\sqlite3.dll
Task: {06D05863-8E65-4671-83B5-5BB56D7E7758} - System32\Tasks\{41455088-26F2-4372-BA61-EB6B9392F45F} => C:\Program Files (x86)\PokerStars\Tracer.exe [2013-06-21] (PokerStars)
Task: {3BE47CD1-99B1-47FC-ADE0-62147BEC8C47} - System32\Tasks\{F54341E1-E1E6-4773-817E-475B6D23D0A7} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {3D9C0A88-318B-42E7-8F46-2526774C68BC} - System32\Tasks\{2D449190-32D1-461D-A630-1A4103BA70DF} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {45CCE12C-AC2F-4922-B630-174520BD4CFA} - System32\Tasks\{A1F85854-B40C-4157-8C6B-CAC66C811C25} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {4E2DB6D1-61AF-4A63-AB64-1F0AB8F54779} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {553F06A9-622D-4B6A-9A84-38172E0E03CC} - System32\Tasks\{A7A1692C-5A64-4CA7-8BCC-711527B7028F} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {7282923A-2FC5-4370-9A58-D815BA358768} - System32\Tasks\{38BE1A07-DD1D-4D23-A92D-92B2A889D29B} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {7B66238B-BAA0-4F05-BFEF-CD8C1D5ADE52} - System32\Tasks\{EC718F39-6604-4C52-B5A7-ABEFE8C97137} => C:\Program Files (x86)\PokerStars\Tracer.exe [2013-06-21] (PokerStars)
Task: {895DB7ED-90B5-4B2E-B942-FDE7F01C1899} - System32\Tasks\SparkUpdater => C:\Program Files (x86)\baidu\Spark\SparkUpdate.exe
Task: {8E0DC012-9D64-45FD-B4DD-1CC2AC68C2C7} - System32\Tasks\{F16D5B09-B43C-4A43-93F7-53790F4D4DA2} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {93472383-679A-42A1-A124-A78ED1075A7B} - System32\Tasks\{FD9F3268-0665-47CF-9AAC-4E4A39A50256} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {A4B9F44C-8D53-4341-B7E1-C4144B97B65C} - System32\Tasks\{3FC5EE11-5DF2-4C77-BCD3-04389D716636} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {B8EBD2E4-8CA4-4ABF-8785-0A890AB04F83} - System32\Tasks\{5BD34FD2-E6B4-4357-A955-D7B9C724B394} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
Task: {EE2E585A-5E6F-4D9B-B414-0E1073307E7A} - System32\Tasks\{55440E39-0B9B-4AB1-AE7B-82419C1E0DE0} => c:\program files (x86)\baidu\spark26.5.9999.3285\spark.exe
Task: {FD645717-4417-49DF-BE66-243D695A36F7} - \060184C3-9766-46a0-B258-F4518A0B2633 No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
hosts:
emptytemp:
end

*****************

Processes closed successfully.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-4064657657-4253216823-4133322302-1000" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{197d8b67-b83e-11e3-ad24-1c75087e7a2c}" => Key deleted successfully.
"HKCR\CLSID\{197d8b67-b83e-11e3-ad24-1c75087e7a2c}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1980275b-b848-11e3-8e8d-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{1980275b-b848-11e3-8e8d-806e6f6e6963}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{286a0033-b840-11e3-8429-1c75087e7a2c}" => Key deleted successfully.
"HKCR\CLSID\{286a0033-b840-11e3-8429-1c75087e7a2c}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2fa6043c-b610-11e3-816b-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{2fa6043c-b610-11e3-816b-806e6f6e6963}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48f0cd64-16e7-11e3-894d-88252ce51665}" => Key deleted successfully.
"HKCR\CLSID\{48f0cd64-16e7-11e3-894d-88252ce51665}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48f0cd73-16e7-11e3-894d-88252ce51665}" => Key deleted successfully.
"HKCR\CLSID\{48f0cd73-16e7-11e3-894d-88252ce51665}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6382ee29-b60a-11e3-b40a-1c75087e7a2c}" => Key deleted successfully.
"HKCR\CLSID\{6382ee29-b60a-11e3-b40a-1c75087e7a2c}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b829983-4b87-11e3-a2ca-88252ce51665}" => Key deleted successfully.
"HKCR\CLSID\{6b829983-4b87-11e3-a2ca-88252ce51665}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{766c97df-b5ae-11e3-9333-1c75087e7a2c}" => Key deleted successfully.
"HKCR\CLSID\{766c97df-b5ae-11e3-9333-1c75087e7a2c}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{766c97df-b5ae-11e3-9333-1c75087e7a2c}" => Key not found.
"HKCR\CLSID\{766c97df-b5ae-11e3-9333-1c75087e7a2c}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock" => Key deleted successfully.
"HKCR\CLSID\{0A93904A-BB1E-4a0c-9753-B57B9AE272CC}" => Key not found.
"HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-4064657657-4253216823-4133322302-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
=> Should not be moved.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaajabnoiehionljhjpclogplgillib" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pjaookfpeipnpdmmaofdmeaakjkpjpfh" => Key deleted successfully.
BASSVC => Service not found.
SparkSvc => Service not found.
SparkUpdater => Service not found.
MBAMSwissArmy => Service deleted successfully.
PSKMAD => Service deleted successfully.
BAPIDRV => Service deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
C:\Users\Sergio\Desktop\JRT.txt => Moved successfully.
C:\Users\Sergio\Desktop\JRT.exe => Moved successfully.
C:\Users\Sergio\Desktop\AdwCleaner.exe => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Sergio\Desktop\zoek.exe.scr => Moved successfully.
C:\Users\Sergio\Desktop\zoek.exe.com => Moved successfully.
C:\Users\Sergio\Desktop\zoek.exe.exe => Moved successfully.
C:\Users\Sergio\Desktop\zoek.zip => Moved successfully.
"C:\windows\setupact.log" => File/Directory not found.
"C:\windows\PFRO.log" => File/Directory not found.
"C:\windows\setuperr.log" => File/Directory not found.
C:\Users\Sergio\Downloads\hijackthis.log => Moved successfully.
C:\Users\Sergio\Downloads\HijackThis.exe => Moved successfully.
C:\Users\Sergio\Downloads\SpyHunter-Installer.exe => Moved successfully.
C:\windows\system32\Drivers\MBAMSwissArmy.sys => Moved successfully.
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware => Moved successfully.
C:\windows\system32\Drivers\mbamchameleon.sys => Moved successfully.
C:\windows\system32\Drivers\mwac.sys => Moved successfully.
C:\windows\system32\Drivers\mbam.sys => Moved successfully.
C:\Users\Sergio\Downloads\mbam-setup-2.0.3.1025.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Public\Documents\Baidu Security => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\windows\System32\Tasks\SparkUpdater => Moved successfully.
C:\Program Files (x86)\Malwarebytes Anti-Malware => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Users\Sergio\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"C:\Users\Sergio\AppData\Local\Temp\sqlite3.dll" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06D05863-8E65-4671-83B5-5BB56D7E7758}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06D05863-8E65-4671-83B5-5BB56D7E7758}" => Key deleted successfully.
C:\Windows\System32\Tasks\{41455088-26F2-4372-BA61-EB6B9392F45F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{41455088-26F2-4372-BA61-EB6B9392F45F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BE47CD1-99B1-47FC-ADE0-62147BEC8C47}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BE47CD1-99B1-47FC-ADE0-62147BEC8C47}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F54341E1-E1E6-4773-817E-475B6D23D0A7} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F54341E1-E1E6-4773-817E-475B6D23D0A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D9C0A88-318B-42E7-8F46-2526774C68BC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D9C0A88-318B-42E7-8F46-2526774C68BC}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2D449190-32D1-461D-A630-1A4103BA70DF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D449190-32D1-461D-A630-1A4103BA70DF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45CCE12C-AC2F-4922-B630-174520BD4CFA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CCE12C-AC2F-4922-B630-174520BD4CFA}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A1F85854-B40C-4157-8C6B-CAC66C811C25} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1F85854-B40C-4157-8C6B-CAC66C811C25}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E2DB6D1-61AF-4A63-AB64-1F0AB8F54779}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E2DB6D1-61AF-4A63-AB64-1F0AB8F54779}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\Browser Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{553F06A9-622D-4B6A-9A84-38172E0E03CC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{553F06A9-622D-4B6A-9A84-38172E0E03CC}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A7A1692C-5A64-4CA7-8BCC-711527B7028F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A7A1692C-5A64-4CA7-8BCC-711527B7028F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7282923A-2FC5-4370-9A58-D815BA358768}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7282923A-2FC5-4370-9A58-D815BA358768}" => Key deleted successfully.
C:\Windows\System32\Tasks\{38BE1A07-DD1D-4D23-A92D-92B2A889D29B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{38BE1A07-DD1D-4D23-A92D-92B2A889D29B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B66238B-BAA0-4F05-BFEF-CD8C1D5ADE52}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B66238B-BAA0-4F05-BFEF-CD8C1D5ADE52}" => Key deleted successfully.
C:\Windows\System32\Tasks\{EC718F39-6604-4C52-B5A7-ABEFE8C97137} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EC718F39-6604-4C52-B5A7-ABEFE8C97137}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{895DB7ED-90B5-4B2E-B942-FDE7F01C1899}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{895DB7ED-90B5-4B2E-B942-FDE7F01C1899}" => Key deleted successfully.
C:\Windows\System32\Tasks\SparkUpdater not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SparkUpdater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E0DC012-9D64-45FD-B4DD-1CC2AC68C2C7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E0DC012-9D64-45FD-B4DD-1CC2AC68C2C7}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F16D5B09-B43C-4A43-93F7-53790F4D4DA2} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F16D5B09-B43C-4A43-93F7-53790F4D4DA2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93472383-679A-42A1-A124-A78ED1075A7B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93472383-679A-42A1-A124-A78ED1075A7B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FD9F3268-0665-47CF-9AAC-4E4A39A50256} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FD9F3268-0665-47CF-9AAC-4E4A39A50256}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4B9F44C-8D53-4341-B7E1-C4144B97B65C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4B9F44C-8D53-4341-B7E1-C4144B97B65C}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3FC5EE11-5DF2-4C77-BCD3-04389D716636} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3FC5EE11-5DF2-4C77-BCD3-04389D716636}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8EBD2E4-8CA4-4ABF-8785-0A890AB04F83}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8EBD2E4-8CA4-4ABF-8785-0A890AB04F83}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5BD34FD2-E6B4-4357-A955-D7B9C724B394} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5BD34FD2-E6B4-4357-A955-D7B9C724B394}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381F-D652-4B1C-894A-712498C62C51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE2E585A-5E6F-4D9B-B414-0E1073307E7A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE2E585A-5E6F-4D9B-B414-0E1073307E7A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{55440E39-0B9B-4AB1-AE7B-82419C1E0DE0} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{55440E39-0B9B-4AB1-AE7B-82419C1E0DE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD645717-4417-49DF-BE66-243D695A36F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD645717-4417-49DF-BE66-243D695A36F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => Key deleted successfully.
C:\ProgramData\TEMP => ":CB0AACC9" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 124.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por joram Seg 15 Dez 2014, 07:35

Bom Dia! binalima

> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by OldTimer )

> Salve-o no desktop ou C:\.
> Duplo-clique em OTS.exe.
> Ps: Para Windows Vista ou 7,dê clique direito e execute OTS.exe como administrador.

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link] 

> Na opção "Additional Scans",clique em "Extras".

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Marque,também,as caixinhas:

[] Reg - NetSvcs
[] File - Lop Check

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Para SO 64 bits,marque a caixinha!

> Em "Basic Scans",marque a caixinha: Skip Microsoft

> Marque: [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

Código:
%systemdrive%\*.*
%systemdrive%\drivers\*.exe
%systemroot%\system32\drivers\*.* /90
%programfiles%\*.*
%localappdata%\*.exe
%localappdata%\*.txt
%localappdata%\*.ini
%localappdata%\*.dll
%localappdata%\*.dat
%userprofile%\*.exe
%userprofile%\*.txt
%userprofile%\*.ini
%userprofile%\*.dll
%userprofile%\*.dat /30
%appdata%\*.*
%systemroot%\system32\tasks\*.*
%windir%\tasks\*.*
HKLM\System\CCS\Services\Tcpip\Parameters
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

> Copie e cole estas informações que estão no Código,para o campo "Custom Scans".
> À seguir,clique em [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem] 

> Ao concluir,abrir-se-á o Bloco de Notas,com o relatório. ( OTS.txt )
> Poste-o em sua resposta!
> Acesse para isso! ( [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] ou [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] )

Abs!
joram
joram
Administrador
Administrador

Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por binalima Seg 15 Dez 2014, 09:20

OK.
Espero que seja desta forma a resposta

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Grato
binalima
binalima
Membro
Membro

Mensagens : 63
Reputação : 0
Data de inscrição : 13/12/2014

Ir para o topo Ir para baixo

Notebook Toshiba L675-S7133 - Trancando Empty Re: Notebook Toshiba L675-S7133 - Trancando

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Ir para o topo Ir para baixo

Página 1 de 3 1, 2, 3  Seguinte

Ir para o topo

- Tópicos semelhantes

Fórum PC Brasil :: Segurança da Informação :: Casos Resolvidos

 
Permissões neste sub-fórum
Não podes responder a tópicos