Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

» Google vai fazer buscas offline internas no desktop do seu PC
Ter Ago 18, 2015 8:19 am por joram

» Baidu lança buscador no Brasil!
Seg Ago 17, 2015 12:25 pm por joram

» Kaspersky é acusada de inventar vírus!
Sex Ago 14, 2015 3:32 pm por joram

Dezembro 2016

SegTerQuaQuiSexSabDom
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    Netebook muito lento, log para analise.

    Compartilhe

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 9:08 am

    usei nesse netebook uma versão antiga do ZHPDiag => v2013.7.13.25.


    Como já tinha aqui nos meus arquivos essa versão, nao quis mais baixar a versão atual.


    Log para analise [Você precisa estar registrado e conectado para ver este link.]

    # AdwCleaner v3.016 - Reporte Creado 26/12/2013 en 10:36:54
    # Actualizado 23/12/2013 por Xplode
    # Sistema Operativo : Windows 7 Starter Service Pack 1 (32 bits)
    # Nombre de usuario : Dores - DORES-PC
    # Ejecutado desde : C:\Users\Dores\Downloads\adwcleaner.exe
    # Opción : Limpiar

    ***** [ Servicios ] *****

    [#] Servicio Borrar : bonanzadealslive
    [#] Servicio Borrar : bonanzadealslivem
    Servicio Borrar : desksvc
    Servicio Borrar : Wpm

    ***** [ Archivos / Carpetas ] *****

    Carpeta Borrar : C:\ProgramData\Ask
    Carpeta Borrar : C:\ProgramData\Babylon
    Carpeta Borrar : C:\ProgramData\baidu
    Carpeta Borrar : C:\ProgramData\BonanzaDealsLive
    Carpeta Borrar : C:\ProgramData\boost_interprocess
    Carpeta Borrar : C:\ProgramData\Partner
    Carpeta Borrar : C:\ProgramData\SweetIM
    Carpeta Borrar : C:\ProgramData\WPM
    Carpeta Borrar : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
    Carpeta Borrar : C:\Program Files\Ask.com
    Carpeta Borrar : C:\Program Files\BonanzaDeals
    Carpeta Borrar : C:\Program Files\BonanzaDealsLive
    Carpeta Borrar : C:\Program Files\Claro
    Carpeta Borrar : C:\Program Files\Conduit
    Carpeta Borrar : C:\Program Files\DealPly
    Carpeta Borrar : C:\Program Files\Desk 365
    Carpeta Borrar : C:\Program Files\iSafe
    Carpeta Borrar : C:\Program Files\Mobogenie
    Carpeta Borrar : C:\Program Files\SweetIM
    Carpeta Borrar : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
    Carpeta Borrar : C:\Users\Dores\AppData\Local\apn
    Carpeta Borrar : C:\Users\Dores\AppData\Local\BonanzaDealsLive
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Conduit
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Mobogenie
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\AskSearch
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\BabylonToolbar
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\boost_interprocess
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\Desk365
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\Iminent
    Carpeta Borrar : C:\Users\Dores\AppData\LocalLow\AskToolbar
    Carpeta Borrar : C:\Users\Dores\AppData\LocalLow\BabylonToolbar
    Carpeta Borrar : C:\Users\Dores\AppData\LocalLow\Conduit
    Carpeta Borrar : C:\Users\Dores\AppData\LocalLow\Funmoods
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\Babylon
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\baidu
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\DealPly
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\Desk 365
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\DSite
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\iSafe
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\OpenCandy
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
    Carpeta Borrar : C:\Users\Dores\Documents\Mobogenie
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
    Archivo Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
    Archivo Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
    Archivo Borrar : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
    Archivo Borrar : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
    Archivo Borrar : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
    Archivo Borrar : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
    Archivo Borrar : C:\Windows\System32\Tasks\BonanzaDealsUpdate
    Archivo Borrar : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
    Archivo Borrar : C:\Windows\Tasks\DSite.job
    Archivo Borrar : C:\Windows\System32\Tasks\DSite
    Archivo Borrar : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

    ***** [ Accesos directos ] *****

    Acceso directo Desinfectado : C:\Users\Dores\Desktop\Google Chrome.lnk
    Acceso directo Desinfectado : C:\Users\Dores\Desktop\Internet Explorer.lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

    ***** [ Registro ] *****

    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFE00783-C944-4C28-B0DA-C406921E06EA}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFE00783-C944-4C28-B0DA-C406921E06EA}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5566C26F-8A7A-4F90-A367-F4361104BFD9}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5566C26F-8A7A-4F90-A367-F4361104BFD9}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6539E018-86F8-4FFD-B6F1-6960F67B1EE3}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6539E018-86F8-4FFD-B6F1-6960F67B1EE3}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E6400E0-1CB0-413E-BEFE-4436BC94074E}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E6400E0-1CB0-413E-BEFE-4436BC94074E}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD3BA658-6C09-41A9-8BE4-97A359B40D56}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD3BA658-6C09-41A9-8BE4-97A359B40D56}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{587FD12C-15C6-4086-937B-9D3555E8FE5A}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{587FD12C-15C6-4086-937B-9D3555E8FE5A}
    Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
    Valor Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Desk 365]
    Valor Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Clave Borrar : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    Clave Borrar : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Clave Borrar : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Clave Borrar : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
    Clave Borrar : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
    Clave Borrar : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
    Clave Borrar : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
    Clave Borrar : HKLM\SOFTWARE\Classes\Prod.cap
    Clave Borrar : HKLM\SOFTWARE\Classes\sim-packages
    Clave Borrar : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
    Clave Borrar : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
    Clave Borrar : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
    Clave Borrar : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
    Clave Borrar : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
    Clave Borrar : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
    Clave Borrar : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
    Clave Borrar : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
    Clave Borrar : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
    Clave Borrar : HKLM\SOFTWARE\Classes\Toolbar.CT2233703
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-office-2010 (1)_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-office-2010 (1)_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-office-2010_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-office-2010_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_spotify_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_spotify_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
    Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
    Datos Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
    Datos Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
    Clave Borrar : HKCU\Software\APN
    Clave Borrar : HKCU\Software\Ask.com
    Clave Borrar : HKCU\Software\BabylonToolbar
    Clave Borrar : HKCU\Software\BonanzaDealsLive
    Clave Borrar : HKCU\Software\Conduit
    Clave Borrar : HKCU\Software\Cr_Installer
    Clave Borrar : HKCU\Software\dsiteproducts
    Clave Borrar : HKCU\Software\InstallCore
    Clave Borrar : HKCU\Software\Softonic
    Clave Borrar : HKCU\Software\AppDataLow\Software\AskToolbar
    Clave Borrar : HKCU\Software\AppDataLow\Software\Conduit
    Clave Borrar : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Clave Borrar : HKCU\Software\AppDataLow\Software\Crossrider
    Clave Borrar : HKCU\Software\AppDataLow\Software\PriceGong
    Clave Borrar : HKLM\Software\APN
    Clave Borrar : HKLM\Software\AskToolbar
    Clave Borrar : HKLM\Software\Babylon
    Clave Borrar : HKLM\Software\BonanzaDealsLive
    Clave Borrar : HKLM\Software\Conduit
    Clave Borrar : HKLM\Software\Desksvc
    Clave Borrar : HKLM\Software\hdcode
    Clave Borrar : HKLM\Software\Iminent
    Clave Borrar : HKLM\Software\nationzoomSoftware
    Clave Borrar : HKLM\Software\SimplyGen
    Clave Borrar : HKLM\Software\supWPM
    Clave Borrar : HKLM\Software\Trymedia Systems
    Clave Borrar : HKLM\Software\V9
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16FE85B52F587794795A481CF9295697
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\758F5690DAAD39F40845E0E23C8C5C0B
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clave Borrar : HKLM\Software\Classes\Installer\Features\16FE85B52F587794795A481CF9295697
    Clave Borrar : HKLM\Software\Classes\Installer\Features\758F5690DAAD39F40845E0E23C8C5C0B
    Clave Borrar : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Clave Borrar : HKLM\Software\Classes\Installer\Products\16FE85B52F587794795A481CF9295697
    Clave Borrar : HKLM\Software\Classes\Installer\Products\758F5690DAAD39F40845E0E23C8C5C0B
    Clave Borrar : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

    ***** [ Navegadores ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Ajustes Restaurar : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
    Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

    -\\ Google Chrome v

    [ Archivo : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Borrar : urls_to_restore_on_startup

    *************************

    AdwCleaner[R0].txt - [38957 octets] - [26/12/2013 10:32:08]
    AdwCleaner[S0].txt - [35916 octets] - [26/12/2013 10:36:54]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [35977 octets] ##########



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.8.9 (04.22.2013:1)
    OS: Windows 7 Starter x86
    Ran by Dores on 26/12/2013 at 11:13:33,59
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1152263182-3115943368-347561778-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5464923E-3981-4204-98A4-5D94F45F65E4}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E16642D5-378D-4443-AB79-BAC0E4038EC9}
    Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\120dfadeb50841f408f04d2a278f9509" 



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{1DEAD05A-4B41-46BC-89E2-8A8A45E6D8BC}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{28CC2B9A-5477-4507-889E-D0B9CEBC4DBA}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{660DE14F-1F31-412A-A693-F60A2D70CB4F}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{8993B845-BC83-4910-8E5F-879EADA4D800}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{AEFDB44E-FD63-429B-A5F5-0951E46D1A2F}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{DE8661F4-1B7F-470A-AB0A-94871155B57E}



    ~~~ Chrome

    Successfully deleted: [Registry Key] hkey_current_user\software\policies\google\chrome\extensioninstallforcelist



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 26/12/2013 at 11:20:06,50
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 2:11 pm

    Boa Tarde! Edvan

    |- Desinstale: C:\Program Files\Baidu Security <<

    -/-

    |- Execute este script na ferramenta zhpfix.

    script zhpfix
    SR - | Auto 18/12/2013 678384 |  (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc..) - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
    [MD5.5299CB55E92FE88D2E5F0C453285EB61] - (.Baidu Inc. - PC Faster Tray.) -- C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe   [1300672] [PID.2284]
    [MD5.8768E55FC27B3933D1CF2DB8B0C924A2] [APT] [Baidu PC Faster Update] (.Baidu Inc..) -- C:\Program Files\Baidu Security\PC Faster\4.0.0.0\Updater.exe   [1154032]
    G0 - GCSP: Preference [User Data\Default][HomePage] [Você precisa estar registrado e conectado para ver este link.]
    O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] . (.Baidu Inc. - PC Faster.) -- C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe
    O4 - GS\TaskBar: Skype (2).lnk . (...)  -- C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe (.not file.)
    O4 - GS\TaskBar: Skype (3).lnk . (...)  -- C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe (.not file.)
    O4 - GS\TaskBar: Skype (4).lnk . (...)  -- C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe (.not file.)
    O4 - GS\TaskBar: Skype (6).lnk . (...)  -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe (.not file.)
    O4 - GS\TaskBar: Skype (7).lnk . (...)  -- C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe
    O4 - GS\TaskBar: Skype.lnk . (...)  -- C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe (.not file.)
    O4 - GS\QuickLaunch: Hao123.lnk . (...)  -- C:\Users\Dores\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1106.exe (.not file.)
    O4 - GS\SendTo: Desk 365.lnk . (...)  -- C:\Program Files\Desk 365\desk365.exe (.not file.)  =>Hijacker.22Find
    O4 - GS\Desktop: DORES-PC - Acceso directo (2).lnk - Orphean Key
    O4 - GS\Desktop: RecentPlaces.lnk - Orphean Key
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Orphean Key
    O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc. - Baidu PC Faster Service.) - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
    O41 - Driver:  (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
    O41 - Driver:  (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
    O41 - Driver:  (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
    O41 - Driver:  (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\BprotectEx.sys
    O41 - Driver:  (iSafeNetFilter) . (. - .) - C:\Program Files\iSafe\iSafeNetFilter.sys (.not file.)
    O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM] -- Baidu PC Faster 4.0.0.0
    O42 - Logiciel: Hao123-Client - (.Baidu Online Network Technology (Beijing) Co., Ltd..) [HKCU] -- hao123desk-br
    O42 - Logiciel: YAC - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM] -- iSafe
    O43 - CFD: 24/12/2013 - 12:13:08 - [79,204] ----D C:\Program Files\Baidu Security
    O43 - CFD: 24/12/2013 - 12:27:27 - [0,005] ----D C:\ProgramData\Baidu Security
    O43 - CFD: 24/12/2013 - 12:13:07 - [0,002] ----D C:\Users\Dores\AppData\Roaming\Baidu Security
    O43 - CFD: 24/12/2013 - 12:19:26 - [0,003] ----D C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil
    O51 - MPSK:{d266611b-0eab-11e0-9e97-00262276f012}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
    O51 - MPSK:{d266612a-0eab-11e0-9e97-00262276f012}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
    O64 - Services: CurCS - ??\??\???? - Unknown owner (Bfilter)  .(...) - LEGACY_BFILTER
    O64 - Services: CurCS - ??\??\???? - Unknown owner (Bfmon)  .(...) - LEGACY_BFMON
    O64 - Services: CurCS - 18/12/2013 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase)  .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
    O64 - Services: CurCS - ??\??\???? - Unknown owner (Bprotect)  .(...) - LEGACY_BPROTECT
    O64 - Services: CurCS - 18/12/2013 - C:\Windows\system32\drivers\BprotectEx.sys (BprotectEx)  .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BPROTECTEX
    O64 - Services: CurCS - ??\??\???? - Unknown owner (iSafeNetFilter)  .(...) - LEGACY_ISAFENETFILTER
    O64 - Services: CurCS - 18/12/2013 - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys (PCFApiUtil)  .(.Baidu, Inc. - Baidu Antivirus BdApi Driver.) - LEGACY_PCFAPIUTIL
    [HKCU\Software\Baidu Security]
    [HKCU\Software\BonanzaDeals]
    [HKLM\Software\Baidu Security]
    [HKLM\Software\Baidu_Drp_pos]
    [HKLM\Software\BonanzaDeals]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
    [HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}] =>PUP.CrossRider
    [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158}] =>PUP.CrossRider
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0] =>Adware.BDSearch
    [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}] =>PUP.CrossRider
    C:\Users\Dores\AppData\Local\Temp\Shortcut_sweetimsetup.exe =>PUP.SweetIM
    C:\Users\Dores\AppData\Local\Temp\SweetIESetup.exe.7z =>PUP.SweetIM
    C:\Users\Dores\AppData\Local\Temp\SweetIMSetup.exe.7z =>PUP.SweetIM
    C:\Users\Dores\AppData\Local\Temp\SIMEEIInstaller.exe =>PUP.SweetIM
    C:\Users\Dores\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
    C:\Users\Dores\AppData\Local\Temp\tb4sh0.dll =>Toolbar.Conduit
    C:\Program Files\Baidu Security\PC Faster\4.0.0.0\Updater.exe
    emptytemp
    firewallraz
    emptyclsid


    |- Poste o relatório ao concluir!

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 2:51 pm

    Boa tarde amigo!

    Você vê alguns vestígios de programa espião ou keylogger nos logs?

    Rapport de ZHPFix 2013.6.12.3 par Nicolas Coolman, Update du 12/06/2013
    Fichier d'export Registre : 
    Run by Dores at 26/12/2013 17:33:37
    High Elevated Privileges : OK
    Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

    Recycle Files Deleted

    ========== Software ==========
    NOT FOUND Software Key: Baidu PC Faster 4.0.0.0
    NOT FOUND Uninstall Process: c:\users\dores\appdata\roaming\baidu\hao123-br\hao123.1.0.0.1106.exe
    NOT FOUND Uninstall Process: c:\program files\isafe\uninstall.exe

    ========== Memory Process ==========
    DELETED Memory Process: C:\Users\Dores\AppData\Local\Temp\Shortcut_sweetimsetup.exe
    DELETED Memory Process: C:\Users\Dores\AppData\Local\Temp\SweetIESetup.exe.7z
    DELETED Memory Process: C:\Users\Dores\AppData\Local\Temp\SweetIMSetup.exe.7z
    DELETED Memory Process: C:\Users\Dores\AppData\Local\Temp\SIMEEIInstaller.exe

    ========== Memory Module ==========
    DELETED Memory Module: C:\Users\Dores\AppData\Local\Temp\tb4sh0.dll

    ========== Registry Key ==========
    DELETED [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
    DELETED [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe]
    NOT FOUND Key: Service: PCFasterSvc_{PCFaster_4.0.0.0}
    DELETED Key: CLSID Extra Buttons: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}
    DELETED Driver Key: Bfilter
    DELETED Driver Key: Bfmon
    DELETED Driver Key: Bprotect
    DELETED Driver Key: BprotectEx
    DELETED Driver Key: iSafeNetFilter
    DELETED CLSID MPSK: {d266611b-0eab-11e0-9e97-00262276f012}
    DELETED CLSID MPSK: {d266612a-0eab-11e0-9e97-00262276f012}
    ERROR Key: Service Legacy: LEGACY_BFILTER
    ERROR Key: Service Legacy: LEGACY_BFMON
    ERROR Key: Service Legacy: LEGACY_BHBASE
    ERROR Key: Service Legacy: LEGACY_BPROTECT
    ERROR Key: Service Legacy: LEGACY_BPROTECTEX
    ERROR Key: Service Legacy: LEGACY_ISAFENETFILTER
    ERROR Key: Service Legacy: LEGACY_PCFAPIUTIL
    DELETED Key: HKCU\Software\Baidu Security
    DELETED Key: HKCU\Software\BonanzaDeals
    DELETED Key: HKLM\Software\Baidu Security
    DELETED Key: HKLM\Software\Baidu_Drp_pos
    DELETED Key: HKLM\Software\BonanzaDeals
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    DELETED Key: HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    DELETED Key: HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    DELETED Key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    DELETED Key: HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32
    DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
    DELETED Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158}
    DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0
    DELETED Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}

    ========== Registry Value ==========
    NOT FOUND RunValue: Baidu PC Faster 4.0.0.0
    No Value in Standard Profile Register Key FirewallRaz : 
    No Value in Domain Profile Register Key FirewallRaz : 
    DELETED FirewallRaz (None) : {66D6176D-58FD-40CF-AE9A-75170FC692C7}
    DELETED FirewallRaz (None) : {C435DEB1-9112-41D3-8348-163A04C0CAE4}
    DELETED FirewallRaz (Public) : {D29EA5C1-70C7-4EEB-8F9D-F64D6D0F00D6}
    DELETED FirewallRaz (Public) : {7176B886-5E35-4D78-92DB-6122C59E1816}

    ========== Browser Profiles ==========
    FOUND Chrome File: C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Preferences
    DELETED Chrome Site: [Você precisa estar registrado e conectado para ver este link.]
    DELETED Chrome Site: [Você precisa estar registrado e conectado para ver este link.]
    DELETED Chrome Site: [Você precisa estar registrado e conectado para ver este link.]
    DELETED Chrome Site: [Você precisa estar registrado e conectado para ver este link.]

    ========== Repertory ==========
    No Empty CLSID Directories

    ========== File ==========
    NOT FOUND File: c:\program files\baidu security\pc faster\4.0.0.0\pcfastersvc.exe
    NOT FOUND Folder/File: c:\program files\baidu security\pc faster\4.0.0.0\pcftray.exe
    NOT FOUND Folder/File: c:\program files\baidu security\pc faster\4.0.0.0\updater.exe
    NOT FOUND File: c:\program files\baidu security\pc faster\4.0.0.0\pcfaster.exe
    DELETED File: c:\users\dores\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\skype (2).lnk 
    NOT FOUND File: c:\windows\installer\{aa59dde4-b672-4621-a016-4c248204957a}\skypeicon.exe
    NOT FOUND File: c:\windows\installer\{ee7257a2-39a2-4d2f-9dac-f9f25b8ae1d8}\skypeicon.exe
    DELETED File: c:\windows\installer\{ea17f4fc-fdbf-4cf8-a529-2d983132d053}\skypeicon.exe 
    DELETED File: c:\users\dores\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\skype.lnk 
    DELETED File: c:\users\dores\appdata\roaming\microsoft\internet explorer\quick launch\hao123.lnk 
    NOT FOUND File: c:\users\dores\appdata\roaming\baidu\hao123-br\hao123.1.0.0.1106.exe
    NOT FOUND File: c:\users\dores\appdata\roaming\microsoft\windows\sendto\o4 - gs\sendto: desk 365.lnk
    NOT FOUND File: c:\program files\desk 365\desk365.exe
    DELETED File: c:\users\dores\desktop\dores-pc - acceso directo (2).lnk 
    DELETED File: c:\users\dores\desktop\recentplaces.lnk 
    DELETED File*: c:\users\dores\appdata\local\temp\shortcut_sweetimsetup.exe
    DELETED File: c:\users\dores\appdata\local\temp\sweetiesetup.exe.7z
    DELETED File: c:\users\dores\appdata\local\temp\sweetimsetup.exe.7z
    DELETED File: c:\users\dores\appdata\local\temp\simeeiinstaller.exe
    DELETED File: C:\Users\Dores\AppData\Local\Temp\GoogleToolbarInstaller1.log
    DELETED File*: c:\users\dores\appdata\local\temp\tb4sh0.dll
    DELETED Window Temporary

    ========== Task ==========
    NOT FOUND Task: Baidu PC Faster Update

    ========== Other ==========
    NOT SUPPORTED script zhpfix


    ========== Summary ==========
    4 : Memory Process
    1 : Memory Module
    33 : Registry Key
    7 : Registry Value
    1 : Repertory
    22 : File
    3 : Software
    5 : Browser Profiles
    1 : Task
    1 : Other


    End of clean in 01mn 47s

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 26/12/2013 17:33:41 [6167]

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 3:11 pm

    Boa Tarde! Edvan

    Você vê alguns vestígios de programa espião ou keylogger nos logs?
    |- Não vejo esses vestígios Edvan.

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de Pierre13 )
    |- Salve-o no desktop!
    |- Para Windows Vista e 7,execute "SFTGC.exe" como administrador!

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Execute-o e clique "Go".
    |- Aguarde seu término,que é rápido.
    |- Poste o relatório! ( SFT.txt )
    |- Ps: De acordo com o tamanho do relatório,não poste-o diretamente!

    |- Acesse,para essa tarefa! < [Você precisa estar registrado e conectado para ver este link.]>

    |- Poste novo relatório da ferramenta ZHPDiag.

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 3:28 pm

    Log [Você precisa estar registrado e conectado para ver este link.]


     Poste novo relatório da ferramenta ZHPDiag.

    Eita!! esqueci, ja ja posto.

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 3:33 pm

    Boa Noite! Edvan

    |- Poste novo relatório da ferramenta ZHPDiag.

    Edvan escreveu:Eita!! esqueci, ja ja posto.
    |- Ok!


    A+

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 3:37 pm

    pronto agora sim, log [Você precisa estar registrado e conectado para ver este link.]

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 3:50 pm

    Boa Noite! Edvan

    |- Execute este script na ferramenta zhpfix.

    script zhpfix
    R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    O44 - LFC:[MD5.6C313C3CB5994D4D093391B0F674B531] - 18/12/2013 - 08:42:38 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys   [47456]
    O64 - Services: CurCS - 18/12/2013 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase)  .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
    C:\Windows\System32\Drivers\Bhbase.sys
    emptyflash
    emptytemp


    |- Poste o relatório ao concluir!

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o e descompacte-o para o desktop!
    |- Estarão disponíveis: zoek.com, zoek.scr, zoek.pif e zoek.exe
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    hijackthis;
    iedefaults;
    chromelook;
    shortcutfix;
    autoclean;
    emptyalltemp;


    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script".

    Zoek.exe is running now.
    Do not start any browser windows, they will be closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o surgimento do relatório.
    |- Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 4:00 pm

    Amigo o script da ferramenta zhpfix ja rodei, falta agora a zoek, amanha eu mando para você, pois o expediente aqui está encerrando. 


    Um abraço.

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 4:03 pm

    Edvan escreveu:Amigo o script da ferramenta zhpfix ja rodei, falta agora a zoek, amanha eu mando para você, pois o expediente aqui está encerrando. 


    Um abraço.
    Ok Edvan!

    |- Fica para amanhã.

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Sex Dez 27, 2013 6:07 am

    Rapport de ZHPFix 2013.6.12.3 par Nicolas Coolman, Update du 12/06/2013
    Fichier d'export Registre : 
    Run by Dores at 26/12/2013 18:53:47
    High Elevated Privileges : OK
    Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

    Recycle Files Deleted

    ========== Registry Key ==========
    ERROR Key: Service Legacy: LEGACY_BHBASE

    ========== Registry Data Items ==========
    REMOVED R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
    REMOVED R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page

    ========== Repertory ==========
    DELETED Flash Cookies
    DELETED Window Temporary

    ========== File ==========
    DELETED File: c:\windows\system32\drivers\bhbase.sys 
    NOT FOUND Folder/File: c:\windows\system32\drivers\bhbase.sys
    DELETED Flash Cookies
    DELETED Window Temporary

    ========== Other ==========
    NOT SUPPORTED script zhpfix


    ========== Summary ==========
    1 : Registry Key
    2 : Registry Data Items
    2 : Repertory
    4 : File
    1 : Other


    End of clean in 00mn 13s

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 26/12/2013 16:33:41 [6219]
    C:\ZHP\ZHPFix[R2].txt - 26/12/2013 18:53:52 [1102]






    Zoek.exe v5.0.0.0 Updated 23-December-2013
    Tool run by Dores on 26/12/2013 at 19:00:53,56.
    Microsoft Windows 7 Starter  6.1.7601 Service Pack 1 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Dores\Desktop\zoek (1)\zoek.com [Scan all users] [Script inserted] 

    ==== System Restore Info ======================

    26/12/2013 19:02:50 Zoek.exe System Restore Point Created Succesfully.

    ==== Creating Sample_122013_1929.zip ======================
     
    Copied file C:\Users\Dores\AppData\Roaming\unins000.exe to sample\unins000.exe
    sample\unins000.exe renamed to 10F4A3F528CA5C9009AA99E4DDCD9A78

    C:\Users\Public\Desktop\sample_122013_1929.zip created successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeKrnl deleted successfully
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\iSafeKrnl deleted successfully

    ==== Deleting Files \ Folders ======================

    C:\Users\Dores\AppData\Local\genienext deleted
    C:\Users\Dores\daemonprocess.txt deleted
    C:\Users\Dores\.android deleted
    C:\Program Files\FoxTabPDFConverter deleted
    C:\Users\Dores\AppData\Roaming\burnaware.ini deleted
    C:\Users\Dores\AppData\Roaming\newnext.me deleted
    C:\Windows\system32\config\systemprofile\AppData\Roaming\DealPly deleted
    C:\ProgramData\FileSplitUpLoad.dll deleted
    C:\Users\Dores\AppData\Local\cache deleted
    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC deleted
    C:\Users\Dores\Downloads\rcpsetup_softonic_rec_softonic_rec (1).exe deleted
    C:\Users\Dores\Downloads\rcpsetup_softonic_rec_softonic_rec.exe deleted
    C:\user.js deleted
    C:\Users\Dores\AppData\Roaming\unins000.exe deleted

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [23/01/2012 00:16]

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[26/12/2013 12:24]
    jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[23/01/2012 00:16]
    lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45]

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Dores\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[03/09/2013 21:03]

    avast Online Security - Dores - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    RealPlayer HTML5Video Downloader Extension - Dores - Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
    Skype Click to Call - Dores - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Google Wallet - Dores - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    GBBD Banco do Brasil - Dores - Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh

    ==== Chrome Fix ======================

    C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully
    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.fr/"
    "Default_Page_URL"="http://www.google.com"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"="http://www.google.com"
    "Default_Page_URL"="http://www.google.com"
    "Start Page"="http://www.google.fr/"
    "Search Page"="http://www.google.com"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Start Page"="http://www.google.fr/"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
    {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_esES387ES387"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
    {DBB1FED3-147C-4315-BDF8-89B6961874B0} Bing  Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

    ==== shortcuts on Users Desktops ======================

    C:\Users\Dores\Desktop\Downloads.lnk - C:\Users\Dores\Downloads 
    C:\Users\Dores\Desktop\Google Chrome.lnk - C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe 
    C:\Users\Dores\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
    C:\Users\Dores\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe 
    C:\Users\Dores\Desktop\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
    C:\Users\Dores\Desktop\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe 
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\CAPA E FOLHA DE ROSTO - PLANO DE MKT.docx.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start CAPA" "E" "FOLHA" "DE" "ROSTO" "-" "PLANO" "DE" "MKT.docx & exit
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\limpar.bat.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start limpar.bat & exit
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\PLANO DE MARKETING final.docx.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start PLANO" "DE" "MARKETING" "final.docx & exit
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\PLANO DE MARKETING.docx.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start PLANO" "DE" "MARKETING.docx & exit
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\SUMÁRIO - PLANO DE MKT.docx.lnk -  
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\~WRL1975.tmp.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start ~WRL1975.tmp & exit
    C:\Users\Dores\Desktop\PROGRAMAS\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe 
    C:\Users\Dores\Desktop\PROGRAMAS\MP3 Downloader.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe  /MP3DOWNLOADER
    C:\Users\Dores\Desktop\PROGRAMAS\OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\soffice.exe 
    C:\Users\Dores\Desktop\PROGRAMAS\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:desktop
    C:\Users\Dores\Desktop\PROGRAMAS\Video Search.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe  /VIDEOSEARCH

    ==== shortcuts on All Users Desktop ======================

    C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe 
    C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
    C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe 
    C:\Users\Public\Desktop\JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe 
    C:\Users\Public\Desktop\JetClean.lnk - C:\Program Files\BlueSprig\JetClean\JetClean.exe 
    C:\Users\Public\Desktop\MBRCheck.lnk - C:\Program Files\ZHPDiag\mbrcheck.exe 
    C:\Users\Public\Desktop\Quick Boost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe -game
    C:\Users\Public\Desktop\Selección del Explorador.lnk -  
    C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe 
    C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files\Winamp\winamp.exe 
    C:\Users\Public\Desktop\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe 
    C:\Users\Public\Desktop\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe 

    ==== shortcuts in Users Start Menu ======================

    C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe 

    ==== shortcuts in All Users Start Menu ======================

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -  
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost\Desinstalar JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\unins000.exe 
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost\JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe 
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean\Desinstalar JetClean.lnk - C:\Program Files\BlueSprig\JetClean\unins000.exe 
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean\JetClean.lnk - C:\Program Files\BlueSprig\JetClean\JetClean.exe 

    ==== shortcuts in Quick Launch ======================

    C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
    C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
    C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
    C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\soffice.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe 

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM deleted successfully

    ==== HijackThis Entries ======================

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start [Você precisa estar registrado e conectado para ver este link.]
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Dores\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
    O4 - Global Startup: Acer VCM.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
    O15 - Trusted Zone: www14.bancobrasil.com.br
    O15 - Trusted Zone: www2.bancobrasil.com.br
    O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - [Você precisa estar registrado e conectado para ver este link.]
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Servicio Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe (file missing)
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    ==== Empty IE Cache ======================

    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Dores\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Dores\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=518 folders=36 26347731 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully
    C:\Users\Default User\AppData\Local\Temp emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\Users\Dores\AppData\Local\Temp  will be emptied at reboot
    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on 27/12/2013 at  9:02:30,19 ======================

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Sex Dez 27, 2013 7:26 am

    Bom Dia! Edvan


    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start [Você precisa estar registrado e conectado para ver este link.]

    ###
    |- Pode dar fix nesta entrada,com o HijackThis.

    -/-

    |- Baixe: |[Você precisa estar registrado e conectado para ver este link.]| ( ... de Xplode )

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Estando na página,clique na seta verde para o download.
    |- Salve-a em um local conveniente! ( desktop! )
    |- Feche aplicativos que estejam abertos.

    [Você precisa estar registrado e conectado para ver este link.]

    |- Execute-a!
    |- Com as duas checkbox marcadas!
    |- Clique "Run".
    |- Tudo Ok?

    Abs!

    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Sex Dez 27, 2013 9:04 am

    Pronto amigo tudo ok agora.

    # DelFix v10.6 - Logfile created 27/12/2013 at 12:07:06
    # Updated 11/11/2013 by Xplode
    # Username : Dores - DORES-PC
    # Operating System : Windows 7 Starter Service Pack 1 (32 bits)

    ~ Removing disinfection tools ...

    Deleted : C:\JRT
    Deleted : C:\ZHP
    Deleted : C:\AdwCleaner
    Deleted : C:\Program Files\ZHPDiag
    Deleted : C:\Program Files\Hijackthis
    Deleted : C:\HiJackThis (1).exe
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\zoek-results.log
    Deleted : C:\Users\Dores\Desktop\AdwCleaner[S0].txt
    Deleted : C:\Users\Dores\Desktop\JRT.exe
    Deleted : C:\Users\Dores\Desktop\JRT.txt
    Deleted : C:\Users\Dores\Desktop\hijackthis.log
    Deleted : C:\Users\Dores\Desktop\SFTGC.exe
    Deleted : C:\Users\Dores\Desktop\SFTGC.txt
    Deleted : C:\Users\Dores\Desktop\ZHPDiag.txt
    Deleted : C:\Users\Dores\Desktop\ZHPDiag2.exe
    Deleted : C:\Users\Dores\Desktop\ZHPFixReport.txt
    Deleted : C:\Users\Dores\Desktop\zoek (1).rar
    Deleted : C:\Users\Public\Desktop\MBRCheck.lnk
    Deleted : C:\Users\Public\Desktop\ZHPDiag.lnk
    Deleted : C:\Users\Public\Desktop\ZHPFix.lnk
    Deleted : C:\Users\Dores\Downloads\adwcleaner.exe
    Deleted : C:\Users\Dores\Downloads\HiJackThis.exe
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

    ~ Cleaning system restore ...

    Deleted : RP #372 [Copias de seguridad de Windows | 12/15/2013 22:53:43]
    Deleted : RP #373 [Windows Update | 12/22/2013 15:38:24]
    Deleted : RP #374 [Copias de seguridad de Windows | 12/22/2013 21:00:27]
    Deleted : RP #375 [Windows Update | 12/24/2013 00:49:22]
    Deleted : RP #377 [avast! antivirus system restore point | 12/26/2013 14:20:06]
    Deleted : RP #378 [zoek.exe restore point | 12/26/2013 21:02:10]

    New restore point created !

    ########## - EOF - ##########





    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:01:39, on 27/12/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.16428)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\BlueSprig\JetBoost\JetBoostTray.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    C:\Users\Dores\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\HiJackThis (1).exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Dores\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
    O4 - Global Startup: Acer VCM.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
    O15 - Trusted Zone: www14.bancobrasil.com.br
    O15 - Trusted Zone: www2.bancobrasil.com.br
    O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - [Você precisa estar registrado e conectado para ver este link.]
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Servicio Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe (file missing)
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 22457 bytes

    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 608
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Sex Dez 27, 2013 1:59 pm

    Seus logs estão limpos!

    CASO RESOLVIDO!   Wink 


    Necessitando novo auxílio para este computador,basta abrir "[Você precisa estar registrado e conectado para ver este link.]" e relatar o problema.

    Abs!

    Conteúdo patrocinado

    Re: Netebook muito lento, log para analise.

    Mensagem por Conteúdo patrocinado Hoje à(s) 12:56 pm


      Data/hora atual: Sex Dez 02, 2016 12:56 pm