Fórum SecSecurity

Implementando Limpeza e Segurança em seu computador!

Palavras chave

Últimos assuntos

» Sujeira equiparada ao baidu e PC safe
Sab Set 27, 2014 11:33 am por joram

» Pastas voltaram a sumir do PC
Ter Set 02, 2014 3:02 pm por joram

» Adware Removal Tool ( ... by techsupportall.com )
Dom Ago 31, 2014 3:48 pm por joram

» HostsMan ( ... de abelhadigital.com )
Qui Ago 28, 2014 9:48 pm por joram

» Cjoint.com ( Hospedagem de Relatórios! )
Qua Ago 27, 2014 9:18 am por joram

» Flash Player Update ( ... de Pierre13 )
Sex Ago 22, 2014 11:54 am por joram

» AdsFix ( ... de g3n-h@ckm@n )
Qui Ago 21, 2014 6:07 am por joram

» Pastas sumindo do PC
Seg Ago 18, 2014 12:47 pm por joram

» Rootkits são mesmo sobras de vários softwares
Dom Ago 17, 2014 11:22 pm por joram

Outubro 2014

SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
2728293031  

Calendário Calendário

Parceiros

Fórum grátis

    Maquina super lenta; Log para analise

    Compartilhe

    Edvan

    Mensagens: 409
    Data de inscrição: 14/02/2013
    Idade: 34
    Localização: Natal/RN

    Maquina super lenta; Log para analise

    Mensagem por Edvan em Dom Nov 03, 2013 3:54 pm

    apos passar algumas ferramentas o pc melhorou bastante.

    Log http://cjoint.com/13nv/CKds0Dpxg01.htm

    # AdwCleaner v3.010 - Relatório criado 02/11/2013 às 21:06:14
    # Atualizado 20/10/2013 por Xplode
    # Sistema Operacional : Windows 7 Ultimate  (32 bits)
    # Usuário : Marlindo - MARLINDO-PC
    # Executando de : C:\Users\Marlindo\Desktop\adwcleaner.exe
    # Opção : Limpar
    ***** [ Serviços ] *****
    Serviço Deletada : SProtection
    ***** [ Arquivos / Pastas ] *****
    Pasta Deletada : C:\ProgramData\baidu
    Pasta Deletada : C:\ProgramData\boost_interprocess
    Pasta Deletada : C:\ProgramData\Iminent
    Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Claro
    Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
    Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
    Pasta Deletada : C:\Program Files\Claro
    Pasta Deletada : C:\Program Files\Conduit
    Pasta Deletada : C:\Program Files\DealPly
    Pasta Deletada : C:\Program Files\Iminent
    Pasta Deletada : C:\Program Files\tuvaro
    Pasta Deletada : C:\Program Files\uTorrentBar_PT
    Pasta Deletada : C:\Program Files\Common Files\Umbrella
    Pasta Deletada : C:\Users\Marlindo\AppData\Local\b1e
    Pasta Deletada : C:\Users\Marlindo\AppData\Local\Conduit
    Pasta Deletada : C:\Users\Marlindo\AppData\Local\iac
    Pasta Deletada : C:\Users\Marlindo\AppData\Local\Temp\Iminent
    Pasta Deletada : C:\Users\Marlindo\AppData\Local\Temp\CT2851643
    Pasta Deletada : C:\Users\Marlindo\AppData\LocalLow\Conduit
    Pasta Deletada : C:\Users\Marlindo\AppData\LocalLow\PriceGong
    Pasta Deletada : C:\Users\Marlindo\AppData\LocalLow\tuvaro
    Pasta Deletada : C:\Users\Marlindo\AppData\LocalLow\uTorrentBar_PT
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\B1Toolbar
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\baidu
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\DealPly
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\Iminent
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\tuvaro
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\Smartbar
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\CT2851643
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
    Pasta Deletada : C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\Extensions\{e0301295-ab3e-4af3-979f-3d453c5f9f48}
    Pasta Deletada : C:\Users\Marlindo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
    Arquivo Deletada : C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\Extensions\webbooster@iminent.com.xpi
    Arquivo Deletada : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
    Arquivo Deletada : C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\searchplugins\my-web-search.xml
    Arquivo Deletada : C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\user.js
    Arquivo Deletada : C:\Users\Marlindo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
    Arquivo Deletada : C:\Windows\System32\Tasks\Dealply
    Arquivo Deletada : C:\Windows\System32\Tasks\DealPlyUpdate
    ***** [ Atalhos ] *****

    ***** [ Registro ] *****
    Valor Deletedo : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
    Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
    Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
    Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\hahpjplbmicfkmoccokbjejahjjpnena
    [#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
    [#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF503CDB-617D-4E9D-86F2-EE410012DD0C}
    [#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF503CDB-617D-4E9D-86F2-EE410012DD0C}
    [#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate
    [#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1085A4B2-A491-4413-82D9-906F79F2ED4A}
    [#] Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1085A4B2-A491-4413-82D9-906F79F2ED4A}
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\secman.DLL
    Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Chave Deletedo : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
    Chave Deletedo : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
    Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
    Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
    Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
    Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
    Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
    Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
    Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
    Chave Deletedo : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Iminent
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IminentMessenger
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
    Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2851643
    Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DictionaryBoss Search Scope Monitor]
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{6F001652-AF51-45C6-B029-86E0265A1851}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
    Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{075FB993-E0E5-42BC-9558-BE07965E184A}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
    Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
    Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Chave Deletedo : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F001652-AF51-45C6-B029-86E0265A1851}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{075FB993-E0E5-42BC-9558-BE07965E184A}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5CB02877-EFBC-4317-B608-9E24B11BAB40}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F001652-AF51-45C6-B029-86E0265A1851}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{075FB993-E0E5-42BC-9558-BE07965E184A}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00E33234-0D23-44C7-B8C9-E19A33542780}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15A81D34-A01C-40EA-A570-D2259DE686F9}
    Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6F001652-AF51-45C6-B029-86E0265A1851}]
    Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
    Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
    Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
    Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E0301295-AB3E-4AF3-979F-3D453C5F9F48}]
    Chave Deletedo : HKCU\Software\Conduit
    Chave Deletedo : HKCU\Software\DealPly
    Chave Deletedo : HKCU\Software\Iminent
    Chave Deletedo : HKCU\Software\InstallCore
    Chave Deletedo : HKCU\Software\uTorrentBar_PT
    Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
    Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
    Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
    Chave Deletedo : HKCU\Software\AppDataLow\Software\smartbar
    Chave Deletedo : HKCU\Software\AppDataLow\Software\uTorrentBar_PT
    Chave Deletedo : HKLM\Software\Conduit
    Chave Deletedo : HKLM\Software\DealPly
    Chave Deletedo : HKLM\Software\Iminent
    Chave Deletedo : HKLM\Software\Umbrella
    Chave Deletedo : HKLM\Software\uTorrentBar_PT
    Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE}
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_PT Toolbar
    Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
    Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
    Chave Deletedo : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED
    Chave Deletedo : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED
    Chave Deletedo : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED
    ***** [ Navegadores ] *****
    -\\ Internet Explorer v8.0.7600.16722
    Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
    Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
    Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Before]
    Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page Before]
    -\\ Mozilla Firefox v19.0.2 (pt-BR)
    [ Arquivo : C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\prefs.js ]
    Linha deletada : user_pref("CT2851643.1000234.TWC_TMP_city", "SAO PAULO");
    Linha deletada : user_pref("CT2851643.1000234.TWC_TMP_country", "BR");
    Linha deletada : user_pref("CT2851643.1000234.TWC_country", "BRAZIL");
    Linha deletada : user_pref("CT2851643.1000234.TWC_locId", "BRXX0232");
    Linha deletada : user_pref("CT2851643.1000234.TWC_location", "Sao Paulo, Brazil");
    Linha deletada : user_pref("CT2851643.1000234.TWC_region", "BR");
    Linha deletada : user_pref("CT2851643.1000234.TWC_temp_dis", "c");
    Linha deletada : user_pref("CT2851643.1000234.TWC_wind_dis", "kmh");
    Linha deletada : user_pref("CT2851643.1000234.weatherData", "{\"icon\":\"30.png\",\"temperature\":\"26°C\",\"temperatureClear\":\"26°C\",\"highTemperature\":\"26°C\",\"lowTemperature\":\"20°C\",\"feelsLike\":\"27Â[...]
    Linha deletada : user_pref("CT2851643.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Linha deletada : user_pref("CT2851643.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Linha deletada : user_pref("CT2851643.FirstTime", "true");
    Linha deletada : user_pref("CT2851643.FirstTimeFF3", "true");
    Linha deletada : user_pref("CT2851643.LoginRevertSettingsEnabled", true);
    Linha deletada : user_pref("CT2851643.PG_ENABLE", "dHJ1ZQ==");
    Linha deletada : user_pref("CT2851643.PG_ENABLE.enc", "dHJ1ZQ==");
    Linha deletada : user_pref("CT2851643.PairingKey.enc", "RDY0MjQ0Njc1Qjg5NEVFNkMyMTc3QTUwODkxODI5MzM4NDAxMzIxRg==");
    Linha deletada : user_pref("CT2851643.RevertSettingsEnabled", true);
    Linha deletada : user_pref("CT2851643.SearchAppState.enc", "Mg==");
    Linha deletada : user_pref("CT2851643.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&SearchSource=2&CUI=UN40520031981235134&q=");
    Linha deletada : user_pref("CT2851643.UserID", "UN40520031981235134");
    Linha deletada : user_pref("CT2851643.addressBarTakeOverEnabledInHidden", "true");
    Linha deletada : user_pref("CT2851643.autoDisableScopes", -1);
    Linha deletada : user_pref("CT2851643.browser.search.defaultthis.engineName", "true");
    Linha deletada : user_pref("CT2851643.cbfirsttime.enc", "U3VuIEZlYiAxNyAyMDEzIDE3OjQ0OjU2IEdNVC0wMzAwIChIb3JhIG9maWNpYWwgZG8gQnJhc2lsKQ==");
    Linha deletada : user_pref("CT2851643.defaultSearch", "true");
    Linha deletada : user_pref("CT2851643.embeddedsData", "[{\"appId\":\"129351530870900444\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
    Linha deletada : user_pref("CT2851643.enableAlerts", "always");
    Linha deletada : user_pref("CT2851643.enableFix404ByUser", "FALSE");
    Linha deletada : user_pref("CT2851643.enableSearchFromAddressBar", "true");
    Linha deletada : user_pref("CT2851643.firstTimeDialogOpened", "true");
    Linha deletada : user_pref("CT2851643.fixPageNotFoundError", "true");
    Linha deletada : user_pref("CT2851643.fixPageNotFoundErrorByUser", "true");
    Linha deletada : user_pref("CT2851643.fixPageNotFoundErrorInHidden", "true");
    Linha deletada : user_pref("CT2851643.fixUrls", true);
    Linha deletada : user_pref("CT2851643.homepageuserchanged", true);
    Linha deletada : user_pref("CT2851643.installDate", "17/2/2013 17:44:23");
    Linha deletada : user_pref("CT2851643.installType", "xpe");
    Linha deletada : user_pref("CT2851643.isCheckedStartAsHidden", true);
    Linha deletada : user_pref("CT2851643.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Linha deletada : user_pref("CT2851643.isFirstTimeToolbarLoading", "false");
    Linha deletada : user_pref("CT2851643.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
    Linha deletada : user_pref("CT2851643.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    Linha deletada : user_pref("CT2851643.keyword", "true");
    Linha deletada : user_pref("CT2851643.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2851643&octid=CT2851643&SearchSource=15&CUI=UN40520031981235134&SSPV=EB_SSPV&Lay=1&UM=U[...]
    Linha deletada : user_pref("CT2851643.lastVersion", "10.14.370.524");
    Linha deletada : user_pref("CT2851643.mam_gk_CouponBuddy_appState.enc", "b24=");
    Linha deletada : user_pref("CT2851643.mam_gk_PriceGong_appState.enc", "b24=");
    Linha deletada : user_pref("CT2851643.mam_gk_appStateReportTime.enc", "MTM2MjM0MjA1Mjk3Ng==");
    Linha deletada : user_pref("CT2851643.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5h[...]
    Linha deletada : user_pref("CT2851643.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
    Linha deletada : user_pref("CT2851643.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImNyaXRlcmlhcyI6W3siY3JpdGVyaWFJZCI6IjQzZmVjMDg1LWNkMzktNGQyZi05MDZhLTAyNTdkZjM2YzlhYiIsImRvbWFpbnMiOls[...]
    Linha deletada : user_pref("CT2851643.mam_gk_currentVersion.enc", "MS40LjMuMQ==");
    Linha deletada : user_pref("CT2851643.mam_gk_first_time.enc", "MQ==");
    Linha deletada : user_pref("CT2851643.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
    Linha deletada : user_pref("CT2851643.mam_gk_lastLoginTime.enc", "MTM2MjM0MjA0NjMxNw==");
    Linha deletada : user_pref("CT2851643.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJQb2zDrXRpY2EgZGUgY29udGXDumRvIn0sImdhZGdldERlc2NyaXB0aW9uUHJpbWFyeSI6eyJUZXh0IjoiVmFsdWUgQXBwcyBlbnJpcXVlY2Vt[...]
    Linha deletada : user_pref("CT2851643.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
    Linha deletada : user_pref("CT2851643.mam_gk_settings1.4.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
    Linha deletada : user_pref("CT2851643.mam_gk_settings1.4.3.1.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsd[...]
    Linha deletada : user_pref("CT2851643.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
    Linha deletada : user_pref("CT2851643.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
    Linha deletada : user_pref("CT2851643.mam_gk_userId.enc", "OTUwYTU2ZmItY2RhNi00ZDE3LTgwOWMtOGRlNmQ4MmNiYTQ0");
    Linha deletada : user_pref("CT2851643.mam_gk_user_apps_selection.enc", "");
    Linha deletada : user_pref("CT2851643.migrateAppsAndComponents", true);
    Linha deletada : user_pref("CT2851643.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.google.com.br%2F%23hl%3Dpt%26output%3Dsearch%26sclient%3Dpsy-ab%26q%3Dsolid%25C3%25A3o%2Bedson%2Be%2Bhudson%26oq[...]
    Linha deletada : user_pref("CT2851643.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    Linha deletada : user_pref("CT2851643.openThankYouPage", "true");
    Linha deletada : user_pref("CT2851643.openUninstallPage", "false");
    Linha deletada : user_pref("CT2851643.price-gong.isManagedApp", "true");
    Linha deletada : user_pref("CT2851643.revertSettingsEnabled", "false");
    Linha deletada : user_pref("CT2851643.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
    Linha deletada : user_pref("CT2851643.search.searchAppId", "129351530870900444");
    Linha deletada : user_pref("CT2851643.search.searchCount", "0");
    Linha deletada : user_pref("CT2851643.searchInNewTabEnabledByUser", "true");
    Linha deletada : user_pref("CT2851643.searchInNewTabEnabledInHidden", "true");
    Linha deletada : user_pref("CT2851643.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Linha deletada : user_pref("CT2851643.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    Linha deletada : user_pref("CT2851643.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
    Linha deletada : user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851643\"}");
    Linha deletada : user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentBarPT.OurToolbar.com//xpi\"}");
    Linha deletada : user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_PT\"}");
    Linha deletada : user_pref("CT2851643.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1363225852745");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_appsMetadata_lastUpdate", "1363914156855");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1363687378775");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_location_lastUpdate", "1363914155892");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_login_10.14.42.7_lastUpdate", "1361133877913");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_login_10.14.65.43_lastUpdate", "1362342101793");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1363687378864");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_searchAPI_lastUpdate", "1363914156153");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_serviceMap_lastUpdate", "1363914154935");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_setupAPI_lastUpdate", "1362283164909");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_toolbarContextMenu_lastUpdate", "1363687378693");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_toolbarSettings_lastUpdate", "1363914157054");
    Linha deletada : user_pref("CT2851643.serviceLayer_services_translation_lastUpdate", "1363914157237");
    Linha deletada : user_pref("CT2851643.settingsINI", true);
    Linha deletada : user_pref("CT2851643.shouldFirstTimeDialog", "false");
    Linha deletada : user_pref("CT2851643.smartbar.CTID", "CT2851643");
    Linha deletada : user_pref("CT2851643.smartbar.Uninstall", "0");
    Linha deletada : user_pref("CT2851643.smartbar.homepage", "true");
    Linha deletada : user_pref("CT2851643.smartbar.toolbarName", "uTorrentBar_PT ");
    Linha deletada : user_pref("CT2851643.startPage", "true");
    Linha deletada : user_pref("CT2851643.toolbarBornServerTime", "17-2-2013");
    Linha deletada : user_pref("CT2851643.toolbarCurrentServerTime", "3-3-2013");
    Linha deletada : user_pref("CT2851643.toolbarLoginClientTime", "Wed Mar 13 2013 13:45:33 GMT-0300 (Hora oficial do Brasil)");
    Linha deletada : user_pref("CT2851643.uTTorrents.enc", "eyJidWlsZCI6Mjg3MDUsImxhYmVsIjpbXSwidG9ycmVudHMiOltbIjBFM0FGODI0NzQxNkE2MUY2QjY4OTdGOEZCNjU0MDg4NjA4RTFGNTUiLDEzNiwiQml0VG9ycmVudC1FcGljTWVhbFRpbWUtYSIsMjI4NjIxO[...]
    Linha deletada : user_pref("CT2851643.url_history0001.enc", "aHR0cDovL3d3dy5mYWNlYm9vay5jb20vIzo6OmNsaWNraGFuZGxlcjo6OjEzNjIyNjE0MDIxNjEsLCxodHRwOi8vd3d3LmZhY2Vib29rLmNvbS8jOjo6Y2xpY2toYW5kbGVyOjo6MTM2MjI2MTQwNTEzNCws[...]
    Linha deletada : user_pref("CT2851643_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1363915798514,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
    Linha deletada : user_pref("Smartbar.ConduitHomepagesList", "");
    Linha deletada : user_pref("Smartbar.ConduitSearchEngineList", "");
    Linha deletada : user_pref("Smartbar.ConduitSearchUrlList", "");
    Linha deletada : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
    Linha deletada : user_pref("Smartbar.keywordURLSelectedCTID", "CT2851643");
    Linha deletada : user_pref("browser.search.defaultenginename", "My Web Search");
    Linha deletada : user_pref("browser.search.defaultthis.engineName", "uTorrentBar_PT Customized Web Search");
    Linha deletada : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&SearchSource=3&q={searchTerms}&CUI=UN40520031981235134");
    Linha deletada : user_pref("browser.search.selectedEngine", "uTorrentBar_PT Customized Web Search");
    Linha deletada : user_pref("ct2851643.UserID", "UN40520031981235134");
    Linha deletada : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
    Linha deletada : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
    Linha deletada : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&SearchSource=2&CUI=UN40520031981235134&UM=UM_ID&q=");
    Linha deletada : user_pref("extensions.mywebsearch.prevSelectedEngine", "uTorrentBar_PT Customized Web Search");
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=871AFC21-6E5B-4845-9FFF-31C89AEC7B1F&n=77fc480f&p2=^XQ^xdm085^YY^br&si=CPzD9J6ry7UCFQ3NnAodh[...]
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.hp.enabled", true);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.hp.lastGuardTime", 235028990);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.hp.numGuards", 1);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.initialized", true);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.installation.contextKey", "");
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.installation.installDate", "2013022223");
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.installation.partnerId", "^XQ^xdm085^YY^br");
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.installation.partnerSubId", "CPzD9J6ry7UCFQ3NnAodh3UAjA");
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.installation.success", true);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.installation.toolbarId", "871AFC21-6E5B-4845-9FFF-31C89AEC7B1F");
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.lastActivePing", "1363911851711");
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.options.defaultSearch", true);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.options.homePageEnabled", true);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.options.keywordEnabled", true);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.options.tabEnabled", true);
    Linha deletada : user_pref("extensions.toolbar.mindspark._v4Members_.weather.location", "10001");
    Linha deletada : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
    Linha deletada : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "dictionaryboss@mindspark.com");
    Linha deletada : user_pref("extensions.toolbar.mindspark.lastInstalled", "dictionaryboss@mindspark.com");
    Linha deletada : user_pref("smartBar.searchInNewTabOwner", "CT2851643");
    Linha deletada : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2851643&SearchSource=13&CUI=UN40520031981235134");
    Linha deletada : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851643&SearchSource=2&CUI=UN40520031981235134&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2[...]
    Linha deletada : user_pref("smartbar.machineId", "6DS0XPCI3ZVMEIGLO7CX9VIKSJ2GI/MZY7CRHRYGHKFR48WLXX1QTJ6TZ4SN33C9FV1DF0I+IZ33NJ19JTGUXW");
    Linha deletada : user_pref("smartbar.originalHomepage", "hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal");
    Linha deletada : user_pref("smartbar.originalSearchAddressUrl", "");
    Linha deletada : user_pref("smartbar.originalSearchEngine", "");
    -\\ Google Chrome v
    [ Arquivo : C:\Users\Marlindo\AppData\Local\Google\Chrome\User Data\Default\preferences ]
    Deletedo : urls_to_restore_on_startup
    *************************
    AdwCleaner[R0].txt - [44261 octets] - [02/11/2013 21:05:36]
    AdwCleaner[S0].txt - [42873 octets] - [02/11/2013 21:06:14]
    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [42934 octets] ##########




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.7 (10.15.2013:3)
    OS: Windows 7 Ultimate x64
    Ran by Marlindo on 03/11/2013 at 14:31:56,50
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    ~~~ Services

    ~~~ Registry Values
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

    ~~~ Registry Keys
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_windows-password-cracker_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_para_windows-password-cracker_RASMANCS
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{72BDE7D8-76DF-4A0D-88A8-4957036142A2}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9A2D43BF-1AE5-4019-9B50-5DFE07D93FA6}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{ac2e4ae7-2d16-45ea-991c-2441dfd05696}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{ac2e4ae7-2d16-45ea-991c-2441dfd05696}

    ~~~ Files

    ~~~ Folders
    Successfully deleted: [Folder] "C:\ProgramData\apn"
    Successfully deleted: [Folder] "C:\Users\Marlindo\appdata\local\cre"
    Successfully deleted: [Folder] "C:\Users\Marlindo\appdata\local\iac"
    Successfully deleted: [Empty Folder] C:\Users\Marlindo\appdata\local\{67569D75-33E2-483C-93A8-1307A008BA51}

    ~~~ FireFox
    Successfully deleted the following from C:\Users\Marlindo\AppData\Roaming\mozilla\firefox\profiles\vt1nux8a.default\prefs.js
    user_pref("extensions.tuvaro.admin", false);
    user_pref("extensions.tuvaro.aflt", "orgnl");
    user_pref("extensions.tuvaro.appId", "{2768469C-717B-401F-8532-C6D88BAE0339}");
    user_pref("extensions.tuvaro.autoRvrt", "false");
    user_pref("extensions.tuvaro.dfltLng", "");
    user_pref("extensions.tuvaro.dfltSrch", true);
    user_pref("extensions.tuvaro.dnsErr", true);
    user_pref("extensions.tuvaro.excTlbr", false);
    user_pref("extensions.tuvaro.ffxUnstlRst", false);
    user_pref("extensions.tuvaro.hmpg", true);
    user_pref("extensions.tuvaro.hmpgUrl", "hxxp://tuvaro.com/ws/?source=536c75e7&tbp=homepage&toolbarid=base&u=90d491b400000000000080ee73064f07");
    user_pref("extensions.tuvaro.hpOld0", "hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal");
    user_pref("extensions.tuvaro.id", "90d491b400000000000080ee73064f07");
    user_pref("extensions.tuvaro.instlDay", "15753");
    user_pref("extensions.tuvaro.instlRef", "536c75e7");
    user_pref("extensions.tuvaro.kw_url", "hxxp://tuvaro.com/ws/?source=536c75e7&tbp=url&toolbarid=base&u=90d491b400000000000080ee73064f07&q=");
    user_pref("extensions.tuvaro.newTab", true);
    user_pref("extensions.tuvaro.newTabUrl", "chrome://tuvaro/content/new browser tab.html?source=536c75e7&tbp=tab&u=90d491b400000000000080ee73064f07");
    user_pref("extensions.tuvaro.prdct", "tuvaro");
    user_pref("extensions.tuvaro.prtnrId", "tuvaro");
    user_pref("extensions.tuvaro.rvrt", "false");
    user_pref("extensions.tuvaro.smplGrp", "none");
    user_pref("extensions.tuvaro.srchPrvdr", "Tuvaro");
    user_pref("extensions.tuvaro.tlbrId", "base");
    user_pref("extensions.tuvaro.tlbrSrchUrl", "hxxp://tuvaro.com/ws/?source=536c75e7&tbp=main&toolbarid=base&u=90d491b400000000000080ee73064f07&q=");
    user_pref("extensions.tuvaro.vrsn", "1.8.12.0");
    user_pref("extensions.tuvaro.vrsnTs", "1.8.12.017:43:16");
    user_pref("extensions.tuvaro.vrsni", "1.8.12.0");

    ~~~ Event Viewer Logs were cleared


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 03/11/2013 at 14:35:36,95
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    joram
    Admin

    Mensagens: 560
    Data de inscrição: 14/08/2012
    Idade: 61
    Localização: Rio de Janeiro

    Re: Maquina super lenta; Log para analise

    Mensagem por joram em Seg Nov 04, 2013 11:40 am

    Bom Dia! Edvan

    |- Execute este script na ferramenta ZHPFix.

    script zhpfix
    [MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][19/10/2013] (...) -- C:\Users\Marlindo\AppData\Local\Temp\Quarantine.exe   [344355]
    [MD5.00000000000000000000000000000000] [APT] [{18E3A08B-A6B1-4D9A-BE4A-46BF4B323329}] (...) -- E:\LGPCSuite\Setup.exe (.not file.)   [0]
    [MD5.00000000000000000000000000000000] [APT] [{2AD8E11B-24C7-4200-8C7D-98FB84C9C067}] (...) -- E:\DriverInstall_IncludeDX9.0c.exe (.not file.)   [0]
    [MD5.00000000000000000000000000000000] [APT] [{53ADC6F9-DAF0-4064-B940-FC16AFB6D913}] (...) -- E:\Ativador do windows 7\CRACK WIN7.exe (.not file.)   [0]   
    [MD5.00000000000000000000000000000000] [APT] [{8B6F4D31-7A2B-4B33-8317-C34644FA2530}] (...) -- E:\AP\DirectX\Setup.exe (.not file.)   [0]
    [MD5.AD6E810B9CE3D8C0C1FF0203C68C6FA6] [SPRF][16/07/2013] (.No owner - Setup/Uninstall.) -- C:\Users\Marlindo\AppData\Roaming\unins000.exe   [720082]
    [MD5.BF54A357AB751C3BE9259CF88E7A96C6] [WIS][17/02/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\1a0b0d.msi   [10149888]  =>Adware.IMBooster
    G1 - GCS: Preference [User Data\Default] http://tuvaro.com =>Toolbar.Tuvaro
    M3 - MFPP: Plugins - [Marlindo] -- C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\searchplugins\tuvaro.xml =>Toolbar.Tuvaro
    M3 - MFPP: Plugins - [Marlindo] -- C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default\searchplugins\utorrentbarpt-customized-web-search.xml =>Toolbar.Conduit
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{41545534-2D56-3700-76A7-7A786E7484D7} Chave orfã
    O41 - Driver:  (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
    O41 - Driver:  (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
    O41 - Driver:  (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
    O45 - LFCP:[MD5.A856903384A939C7C6FD95298A7D4D61] - 02/11/2013 - 19:13:52 ---A- - C:\Windows\Prefetch\SUNFLOWEROSD.EXE-E4AD21DF.pf
    O45 - LFCP:[MD5.3CAABDD28046880FCADB212C1A4AC8D4] - 02/11/2013 - 19:16:10 ---A- - C:\Windows\Prefetch\BAVTRAY.EXE-7A4A44F2.pf
    O45 - LFCP:[MD5.D4CA833075FCC91EA502D80B8A3A6513] - 02/11/2013 - 19:19:05 ---A- - C:\Windows\Prefetch\PCFBSREPORT.EXE-33CC7CBD.pf
    O45 - LFCP:[MD5.963D4EA8CEF322DDD02FFA78E025DE1A] - 02/11/2013 - 19:33:03 ---A- - C:\Windows\Prefetch\LEAKREPAIR.EXE-F000CCFB.pf
    O45 - LFCP:[MD5.79EBCCD3FC1FFB4A2D97A1990BF5325A] - 02/11/2013 - 19:33:04 ---A- - C:\Windows\Prefetch\FTEX.EXE-7D82C176.pf
    O45 - LFCP:[MD5.BF7EC7D9EFD915BED7FA0495D68D68A0] - 02/11/2013 - 19:33:04 ---A- - C:\Windows\Prefetch\LOGREPORTER.EXE-28896E2C.pf
    O45 - LFCP:[MD5.52037D7CAEC9FD11721FADF373F910AC] - 02/11/2013 - 20:23:44 ---A- - C:\Windows\Prefetch\CREXTPV4.EXE-486501C8.pf
    O45 - LFCP:[MD5.19339635C6BC65BAE7A6176314BB74F8] - 02/11/2013 - 20:23:44 ---A- - C:\Windows\Prefetch\V4MEDINT.EXE-1D410A2D.pf
    O45 - LFCP:[MD5.64F29BD96226E9F018BEF69F2B6B1576] - 02/11/2013 - 21:17:04 ---A- - C:\Windows\Prefetch\V4SRCHMN.EXE-CB520539.pf
    O45 - LFCP:[MD5.37D4DC9C2CB46A154E714B59E7689A07] - 02/11/2013 - 19:12:56 ---A- - C:\Windows\Prefetch\IMINENT.MESSENGERS.EXE-0CD6D400.pf  =>Adware.IMBooster
    O45 - LFCP:[MD5.3B75B57798F2562D54D10F066439CBEB] - 17/10/2013 - 15:50:20 ---A- - C:\Windows\Prefetch\IMINENT.EXE-75DD804E.pf  =>Adware.IMBooster
    O45 - LFCP:[MD5.2DB1904E2C5B0DB8A56084A4657A0899] - 06/10/2013 - 09:38:32 ---A- - C:\Windows\Prefetch\V4BRMON.EXE-99C43578.pf
    O45 - LFCP:[MD5.A5D257C31BDC630EB07BE3649A5CE93C] - 07/10/2013 - 08:29:58 ---A- - C:\Windows\Prefetch\WLRMDR.EXE-C2B47318.pf
    O45 - LFCP:[MD5.5C47204C0E9DFDFFD033D49888228792] - 15/10/2013 - 13:01:20 ---A- - C:\Windows\Prefetch\UPDATEMANAGER.EXE-7B0A8410.pf
    O45 - LFCP:[MD5.A3EE97C5FEEA984CB6162D24546A8D3F] - 24/10/2013 - 11:13:22 ---A- - C:\Windows\Prefetch\PCFASTER.EXE-A74C3EA3.pf
    O45 - LFCP:[MD5.8DD17AF3D695E5CE1AAFE451D3AC19A7] - 28/10/2013 - 20:30:14 ---A- - C:\Windows\Prefetch\APPLOGREPORTER.EXE-014A020C.pf
    O45 - LFCP:[MD5.EC5833D1351FA4BC403F110B3ADAEFF1] - 28/10/2013 - 20:35:26 ---A- - C:\Windows\Prefetch\APPSTORE_SYNC.EXE-F7300F08.pf
    O45 - LFCP:[MD5.4ABB75F3D44522BD1E4EB3C756E73835] - 29/10/2013 - 00:35:23 ---A- - C:\Windows\Prefetch\APPSTOREUTILEXE.EXE-42CED464.pf
    O45 - LFCP:[MD5.12F3DC3E2FC903EF7896B13928F060E7] - 29/10/2013 - 01:01:53 ---A- - C:\Windows\Prefetch\V4MEDINT.EXE-5FE99FE7.pf
    O45 - LFCP:[MD5.A97150240CE1177D84E781E5F7FFAD14] - 29/10/2013 - 01:01:54 ---A- - C:\Windows\Prefetch\SERVICELOCATOR.EXE-69FD153B.pf
    O45 - LFCP:[MD5.CAFDBC6552A76E155C426BE7539F7778] - 29/10/2013 - 01:01:57 ---A- - C:\Windows\Prefetch\TOOLBAR.EXE-A91844A1.pf
    O45 - LFCP:[MD5.B96FBF457F7BEE2F9A68C822D434F516] - 30/10/2013 - 15:27:49 ---A- - C:\Windows\Prefetch\UPDATEPOPUP.EXE-94628859.pf
    O45 - LFCP:[MD5.7B10BE507AFF59A88A3DD176BCC48424] - 30/10/2013 - 15:28:11 ---A- - C:\Windows\Prefetch\FTEX.EXE-C4709731.pf
    O45 - LFCP:[MD5.55E810529A61C067276306DCA2EF7E93] - 15/10/2013 - 13:02:14 ---A- - C:\Windows\Prefetch\APNMCP.EXE-3B6C9BED.pf   
    O45 - LFCP:[MD5.6AD652C4175C331BF135BB58AE41DBA0] - 30/10/2013 - 10:03:35 ---A- - C:\Windows\Prefetch\TBNOTIFIER.EXE-C54E61E5.pf   
    O51 - MPSK:{8c9b82a4-1c84-11e1-95c9-924deb5ca026}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)   
    O51 - MPSK:{c404deaa-9454-11e0-99e5-80ee73064f07}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)   
    O51 - MPSK:{c404deac-9454-11e0-99e5-80ee73064f07}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)   
    O51 - MPSK:{dc0821ea-9087-11e0-83b8-80ee73064f07}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)   
    O51 - MPSK:{dc08220a-9087-11e0-83b8-80ee73064f07}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)   
    O53 - SMSR:HKLM\...\startupreg\DictionaryBoss Browser Plugin Loader  [Key] . (...) -- C:\Program Files\DICTIO~2\bar\1.bin\v4brmon.exe (.not file.)
    O53 - SMSR:HKLM\...\startupreg\DictionaryBoss Search Scope Monitor  [Key] . (...) -- C:\Program Files\DICTIO~2\bar\1.bin\v4srchmn.exe (.not file.)
    O53 - SMSR:HKLM\...\startupreg\JavaUpdatecdy11  [Key] . (...) -- C:\systeam\JavaUpdatecdy11.cpl (.not file.)

    [HKCU\Software\tuvaro]   =>Toolbar.Tuvaro^
    [HKLM\Software\tuvaro]   =>Toolbar.Tuvaro^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A]   =>Adware.IMBooster
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]   =>Adware.BDSearch
    C:\Windows\Installer\1a0b0d.msi   =>Adware.IMBooster^

    firewallraz
    emptytemp
    emptyclsid


    |- Poste o relatório!

    A+

    Edvan

    Mensagens: 409
    Data de inscrição: 14/02/2013
    Idade: 34
    Localização: Natal/RN

    Re: Maquina super lenta; Log para analise

    Mensagem por Edvan em Seg Nov 04, 2013 12:12 pm

    Rapport de ZHPFix 2013.10.21.17 par Nicolas Coolman, Update du 21/10/2013
    Fichier d'export Registre :
    Run by Marlindo at 04/11/2013 11:10:57
    High Elevated Privileges : OK
    Windows 7 Ultimate Edition, 32-bit  (Build 7600)
    Reciclagem vazia (00mn 05s)
    ========== Processo memória ==========
    ELIMINÉ: Memory Process: C:\Users\Marlindo\AppData\Local\Temp\Quarantine.exe
    ELIMINÉ: Memory Process: C:\Users\Marlindo\AppData\Roaming\unins000.exe
    ========== Chaves do Registo ==========
    ELIMINÉ Driver Key: Bfilter
    ELIMINÉ Driver Key: Bfmon
    ELIMINÉ Driver Key: Bprotect
    ELIMINÉ CLSID MPSK: {8c9b82a4-1c84-11e1-95c9-924deb5ca026}
    ELIMINÉ CLSID MPSK: {c404deaa-9454-11e0-99e5-80ee73064f07}
    ELIMINÉ CLSID MPSK: {c404deac-9454-11e0-99e5-80ee73064f07}
    ELIMINÉ CLSID MPSK: {dc0821ea-9087-11e0-83b8-80ee73064f07}
    ELIMINÉ CLSID MPSK: {dc08220a-9087-11e0-83b8-80ee73064f07}
    ELIMINÉ:  StartupReg: DictionaryBoss Browser Plugin Loader
    ELIMINÉ:  StartupReg: DictionaryBoss Search Scope Monitor
    ELIMINÉ:  StartupReg: JavaUpdatecdy11
    ELIMINÉ: HKCU\Software\tuvaro
    ELIMINÉ: HKLM\Software\tuvaro
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
    ELIMINÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
    ========== Valores do Registo ==========
    ELIMINÉ: Toolbar: {41545534-2D56-3700-76A7-7A786E7484D7}
    Ausente Valor Perfil Padrão: FirewallRaz :
    Ausente Valor Perfil Domínio FirewallRaz :
    ELIMINÉ: FirewallRaz (None) : {4515DBC7-CB94-4377-94B1-5924A8DD5517}
    ========== Preferências do navegador ==========
    AGORA Chrome File: C:\Users\Marlindo\AppData\Local\Google\Chrome\User Data\Default\Preferences
    ELIMINÉ Chrome Site: http://tuvaro.com
    ========== Pastas ==========
    Nenhuma pasta CLSID local utilizador vazia
    ========== Ficheiros ==========
    ELIMINÉ: C:\Windows\Installer\1a0b0d.msi
    ELIMINÉ: c:\users\marlindo\appdata\roaming\mozilla\firefox\profiles\vt1nux8a.default\searchplugins\tuvaro.xml
    ELIMINÉ: c:\users\marlindo\appdata\roaming\mozilla\firefox\profiles\vt1nux8a.default\searchplugins\utorrentbarpt-customized-web-search.xml
    ELIMINÉ: c:\windows\prefetch\sunflowerosd.exe-e4ad21df.pf
    ELIMINÉ: c:\windows\prefetch\bavtray.exe-7a4a44f2.pf
    ELIMINÉ: c:\windows\prefetch\pcfbsreport.exe-33cc7cbd.pf
    ELIMINÉ: c:\windows\prefetch\leakrepair.exe-f000ccfb.pf
    ELIMINÉ: c:\windows\prefetch\ftex.exe-7d82c176.pf
    ELIMINÉ: c:\windows\prefetch\logreporter.exe-28896e2c.pf
    ELIMINÉ: c:\windows\prefetch\crextpv4.exe-486501c8.pf
    ELIMINÉ: c:\windows\prefetch\v4medint.exe-1d410a2d.pf
    ELIMINÉ: c:\windows\prefetch\v4srchmn.exe-cb520539.pf
    ELIMINÉ: c:\windows\prefetch\iminent.messengers.exe-0cd6d400.pf
    ELIMINÉ: c:\windows\prefetch\iminent.exe-75dd804e.pf
    ELIMINÉ: c:\windows\prefetch\v4brmon.exe-99c43578.pf
    ELIMINÉ: c:\windows\prefetch\wlrmdr.exe-c2b47318.pf
    ELIMINÉ: c:\windows\prefetch\updatemanager.exe-7b0a8410.pf
    ELIMINÉ: c:\windows\prefetch\pcfaster.exe-a74c3ea3.pf
    ELIMINÉ: c:\windows\prefetch\applogreporter.exe-014a020c.pf
    ELIMINÉ: c:\windows\prefetch\appstore_sync.exe-f7300f08.pf
    ELIMINÉ: c:\windows\prefetch\appstoreutilexe.exe-42ced464.pf
    ELIMINÉ: c:\windows\prefetch\v4medint.exe-5fe99fe7.pf
    ELIMINÉ: c:\windows\prefetch\servicelocator.exe-69fd153b.pf
    ELIMINÉ: c:\windows\prefetch\toolbar.exe-a91844a1.pf
    ELIMINÉ: c:\windows\prefetch\updatepopup.exe-94628859.pf
    ELIMINÉ: c:\windows\prefetch\ftex.exe-c4709731.pf
    ELIMINÉ: c:\windows\prefetch\apnmcp.exe-3b6c9bed.pf
    ELIMINÉ: c:\windows\prefetch\tbnotifier.exe-c54e61e5.pf
    ELIMINÉ Temporários windows (0) (0 octets)
    ========== Tarefa planificada ==========
    ELIMINÉ: {18E3A08B-A6B1-4D9A-BE4A-46BF4B323329}
    ELIMINÉ: {2AD8E11B-24C7-4200-8C7D-98FB84C9C067}
    ELIMINÉ: {53ADC6F9-DAF0-4064-B940-FC16AFB6D913}
    ELIMINÉ: {8B6F4D31-7A2B-4B33-8317-C34644FA2530}

    ========== Recapitulativo ==========
    2 : Processo memória
    15 : Chaves do Registo
    4 : Valores do Registo
    1 : Pastas
    29 : Ficheiros
    2 : Preferências do navegador
    4 : Tarefa planificada

    End of clean in 00mn 31s
    ========== Caminho do ficheiro do relatório ==========
    C:\Users\Marlindo\AppData\Roaming\ZHP\ZHPFix[R1].txt - 04/11/2013 11:11:03 [4130]

    joram
    Admin

    Mensagens: 560
    Data de inscrição: 14/08/2012
    Idade: 61
    Localização: Rio de Janeiro

    Re: Maquina super lenta; Log para analise

    Mensagem por joram em Seg Nov 04, 2013 12:32 pm

    Boa Tarde! Edvan

    |- Baixe: < zoek > ( ... by Smeenk )

    |- Ou aqui! < zoek.exe >

    |- Salve-o no desktop!
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    hijackthis;
    iedefaults;
    chromelook;
    autoclean;
    emptyalltemp;


    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script".

    Zoek.exe is running now.
    Do not start any browser windows, they will be closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o relatório.



    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    A+

    Edvan

    Mensagens: 409
    Data de inscrição: 14/02/2013
    Idade: 34
    Localização: Natal/RN

    Re: Maquina super lenta; Log para analise

    Mensagem por Edvan em Seg Nov 04, 2013 3:12 pm

    Zoek.exe Version 4.0.0.5 Updated 26-October-2013
    Tool run by Marlindo on 04/11/2013 at 11:39:36,54.
    Microsoft Windows 7 Ultimate  6.1.7600  x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Marlindo\Desktop\zoek\zoek.scr [Script inserted]
    ==== System Restore Info ======================
    04/11/2013 11:50:01 Zoek.exe System Restore Point Created Succesfully.
    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Deleting Services ======================

    ==== Deleting Files \ Folders ======================
    C:\Windows\system32\config\systemprofile\AppData\Roaming\DealPly deleted
    C:\ProgramData\FileSplitUpLoad.dll deleted
    C:\Windows\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE} deleted
    ==== Firefox Extensions Registry ======================
    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03/11/2013 10:39]
    [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
    "{87F8774F-B485-47E2-A755-A40A8A5E886C}"="C:\Users\Marlindo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi" [29/07/2013 20:08]
    ==== Firefox Extensions ======================
    ProfilePath: C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default
    - Undetermined - %ProfilePath%\extensions\v4ffxtbr@DictionaryBoss.com
    AppDir: C:\Program Files\Mozilla Firefox
    - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    ==== Firefox Plugins ======================
    Profilepath: C:\Users\Marlindo\AppData\Roaming\Mozilla\Firefox\Profiles\vt1nux8a.default
    DF75FC32D3EB681B6FE7C092D6FC4695 - C:\Users\Marlindo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll - Módulo de Proteção - Banco do Brasil
    A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In
    69505F9C479C4FF95621C3E1A7B6E5CE - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
    D1CC5365F151777DF447242E476796BA - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
    DE3745A51B7AC7FEDC356A83F76C8023 - C:\Windows\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash
    E7838D22B19B9C121AAF93E282256586 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
    01F0264937036BD962563F1ADF35CE72 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
    2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

    ==== Chrome Look ======================
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    mdebcffgnijbblbinknkbefciofebcda - C:\Users\Marlindo\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]
    omgjkafaoidbgamjoklhaiiciahohkbh - C:\Program Files\tuvaro\tuvaro\1.8.12.0\tuvaro.crx[]
    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    mdebcffgnijbblbinknkbefciofebcda - C:\Users\Marlindo\AppData\Local\CRE\mdebcffgnijbblbinknkbefciofebcda.crx[]

    ==== Chrome Fix ======================
    C:\Users\Marlindo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
    ==== Set IE to Default ======================
    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com"
    "Start Page Before"="http://www.google.com"
    "Search Page"="http://www.google.com"
    "Search Page Before"="http://www.google.com"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.com"
    "Default_Page_URL"="http://www.google.com"
    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page Before"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.google.com"
    "Start Page Before"="http://www.google.com"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    ==== All HKCU SearchScopes ======================
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
    ==== Deleting Registry Keys ======================
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\omgjkafaoidbgamjoklhaiiciahohkbh deleted successfully
    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update deleted successfully
    ==== HijackThis Entries ======================
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\Marlindo\Desktop\uTorrent.exe"  /MINIMIZED
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
    O15 - Trusted Zone: www.bancobrasil.com.br
    O15 - Trusted Zone: www14.bancobrasil.com.br
    O15 - Trusted Zone: www2.bancobrasil.com.br
    O15 - Trusted Zone: www.bb.com.br
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MIF5BA~1\Office12\GRA32A~1.DLL
    O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8da98c8ea4b9eb25\STacSV.exe
    O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
    ==== Empty IE Cache ======================
    C:\Users\Marlindo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Marlindo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    ==== Empty FireFox Cache ======================
    No FireFox Cache found
    ==== Empty Chrome Cache ======================
    C:\Users\Marlindo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
    ==== Empty All Flash Cache ======================
    Flash Cache Emptied Successfully
    ==== Empty All Java Cache ======================
    No Java Cache Found
    ==== After Reboot ======================
    ==== Empty Temp Folders ======================
    C:\Windows\Temp successfully emptied
    C:\Users\Marlindo\AppData\Local\Temp successfully emptied
    ==== Empty Recycle Bin ======================
    C:\$RECYCLE.BIN successfully emptied
    ==== Deleting Files / Folders ======================
    "C:\Users\Marlindo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
    ==== EOF on 04/11/2013 at 14:08:50,86 ======================

    joram
    Admin

    Mensagens: 560
    Data de inscrição: 14/08/2012
    Idade: 61
    Localização: Rio de Janeiro

    Re: Maquina super lenta; Log para analise

    Mensagem por joram em Seg Nov 04, 2013 11:05 pm

    Boa Noite! Edvan

    |- Copie e cole estas informações,em vermelho,no campo da ferramenta Zoek.
    |- Clique "Run Script".

    omgjkafaoidbgamjoklhaiiciahohkbh;chr
    C:\Program Files\tuvaro\tuvaro\1.8.12.0\tuvaro.crx;fs
    C:\Program Files\tuvaro\tuvaro\1.8.12.0;f
    C:\Program Files\tuvaro\tuvaro;f
    C:\Program Files\tuvaro;f
    chromelook;
    emptyalltemp;

    |- Poste o relatório!

    A+

    Edvan

    Mensagens: 409
    Data de inscrição: 14/02/2013
    Idade: 34
    Localização: Natal/RN

    Re: Maquina super lenta; Log para analise

    Mensagem por Edvan em Ter Nov 05, 2013 9:46 am

    Algum programa bom para melhorar o boot na inicialização amigo?


    Zoek.exe Version 4.0.0.5 Updated 05-November-2013
    Tool run by Marlindo on 05/11/2013 at  8:32:12,20.
    Microsoft Windows 7 Ultimate  6.1.7600  x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Marlindo\Desktop\zoek\zoek.com [Script inserted]
    ==== Older Logs ======================
    C:\zoek-results2013-11-04-170850.log 11578 bytes
    ==== Deleting Files \ Folders ======================
    C:\Program Files\tuvaro\tuvaro\1.8.12.0\tuvaro.crx not found
    "C:\Program Files\tuvaro\tuvaro\1.8.12.0" not found
    "C:\Program Files\tuvaro\tuvaro" not found
    "C:\Program Files\tuvaro" not found
    ==== Chrome Look ======================

    ==== Empty IE Cache ======================
    C:\Users\Marlindo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Marlindo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
    ==== Empty FireFox Cache ======================
    C:\Users\Marlindo\AppData\Local\Mozilla\Firefox\Profiles\vt1nux8a.default\Cache will be emptied at reboot
    ==== Empty Chrome Cache ======================
    C:\Users\Marlindo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
    ==== Empty All Flash Cache ======================
    Flash Cache Emptied Successfully
    ==== Empty All Java Cache ======================
    No Java Cache Found
    ==== After Reboot ======================
    ==== Empty Temp Folders ======================
    C:\Windows\Temp successfully emptied
    C:\Users\Marlindo\AppData\Local\Temp successfully emptied
    ==== Empty Recycle Bin ======================
    C:\$RECYCLE.BIN successfully emptied
    ==== Deleting Files / Folders ======================
    "C:\Users\Marlindo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
    "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
    ==== EOF on 05/11/2013 at  8:44:15,62 ======================

    joram
    Admin

    Mensagens: 560
    Data de inscrição: 14/08/2012
    Idade: 61
    Localização: Rio de Janeiro

    Re: Maquina super lenta; Log para analise

    Mensagem por joram em Ter Nov 05, 2013 10:05 am

    Bom Dia! Edvan

    |- Baixe: |DelFix| ( ... de Xplode )



    |- Estando na página,clique na seta verde para o download.
    |- Salve-a em um local conveniente! ( desktop! )
    |- Feche aplicativos que estejam abertos.



    |- Execute-a!
    |- Com as 3 checkbox marcadas!
    |- Clique "Run".

    -/-

    |- Baixe: < JetClean 1.5.0 > ( ... by BlueSprig.com )

    < Maiores informações! > << Leia aqui!

    |- Salve-o em Arquivos de programas. ( jetclean-setup.exe )



    |- Instale o software e na guia "1-Click",escolha a opção "Registry Clean".
    |- Vá em "Scan Now" e escolha: Shut down PC after Repair



    |- Ou escolhendo a opção "Scan & Repair",sem o reboot do PC.

    < JetBoost >



    |- À seguir,tente melhorar a performance com o JetBoost.

    A+

    Edvan

    Mensagens: 409
    Data de inscrição: 14/02/2013
    Idade: 34
    Localização: Natal/RN

    Re: Maquina super lenta; Log para analise

    Mensagem por Edvan em Ter Nov 05, 2013 10:14 am

     Valeu amigo, obrigado por mais essa força!

    # DelFix v10.5 - Logfile created 05/11/2013 at 09:12:58
    # Updated 17/10/2013 by Xplode
    # Username : Marlindo - MARLINDO-PC
    # Operating System : Windows 7 Ultimate  (32 bits)
    ~ Removing disinfection tools ...
    Deleted : C:\AdwCleaner
    Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
    Deleted : C:\Program Files\ZHPDiag
    Deleted : C:\Program Files\Hijackthis
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\zoek-results.log
    Deleted : C:\zoek-results2013-11-04-170850.log
    Deleted : C:\Users\Marlindo\Desktop\AdwCleaner[S0].txt
    Deleted : C:\Users\Marlindo\Desktop\JRT.exe
    Deleted : C:\Users\Marlindo\Desktop\JRT.txt
    Deleted : C:\Users\Marlindo\Desktop\ZHPDiag.lnk
    Deleted : C:\Users\Marlindo\Desktop\ZHPDiag.txt
    Deleted : C:\Users\Marlindo\Desktop\ZHPDiag2.exe
    Deleted : C:\Users\Marlindo\Desktop\ZHPFix.lnk
    Deleted : C:\Users\Marlindo\Desktop\ZHPFixReport.txt
    Deleted : C:\Users\Marlindo\Desktop\zoek.rar
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
    ~ Cleaning system restore ...
    Deleted : RP #90 [Windows Update | 11/04/2013 14:53:12]
    Deleted : RP #91 [Windows Update | 11/04/2013 17:16:48]
    New restore point created !
    ~ Resetting system settings ... OK
    ########## - EOF - ##########

    joram
    Admin

    Mensagens: 560
    Data de inscrição: 14/08/2012
    Idade: 61
    Localização: Rio de Janeiro

    Re: Maquina super lenta; Log para analise

    Mensagem por joram em Ter Nov 05, 2013 10:44 am

    CASO RESOLVIDO!

    Necessitando novo auxílio para este computador,basta abrir "Novo Tópico" e relatar o problema.

      Data/hora atual: Qua Out 01, 2014 2:55 am