Fórum SecSecurity

Implementando Limpeza e Seguranca em seu computador!

Palavras chave

Últimos assuntos

» 9-Lab Malware Removal Tool ( ... by 9-lab.com )
Sab Dez 31, 2016 4:24 am por joram

» SFCFix ( ... de niemiro )
Sab Dez 24, 2016 9:29 am por joram

» ResetBrowser ( ... de Nicolas Coolman )
Ter Maio 31, 2016 5:58 am por joram

» herdProtectScan ( ... by herdprotect.com )
Seg Mar 07, 2016 10:58 pm por joram

» Emsisoft Emergency Kit ( ... by Emsisoft.com )
Dom Fev 28, 2016 5:40 am por joram

» Dr.WEB Link Checker ( ... by Doctor Web.Ltd )
Qui Fev 11, 2016 9:51 am por joram

» Computador com erros no navegador
Sab Ago 29, 2015 8:04 pm por joram

» Justiça determina que PSafe retire alertas desleais
Qua Ago 19, 2015 6:58 am por joram

» Google vai fazer buscas offline internas no desktop do seu PC
Ter Ago 18, 2015 8:19 am por joram

Março 2017

SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
2728293031  

Calendário Calendário

Parceiros

Fórum grátis

Os membros mais marcados


    Netebook muito lento, log para analise.

    Compartilhe
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 9:08 am

    usei nesse netebook uma versão antiga do ZHPDiag => v2013.7.13.25.


    Como já tinha aqui nos meus arquivos essa versão, nao quis mais baixar a versão atual.


    Log para analise [Você precisa estar registrado e conectado para ver este link.]

    # AdwCleaner v3.016 - Reporte Creado 26/12/2013 en 10:36:54
    # Actualizado 23/12/2013 por Xplode
    # Sistema Operativo : Windows 7 Starter Service Pack 1 (32 bits)
    # Nombre de usuario : Dores - DORES-PC
    # Ejecutado desde : C:\Users\Dores\Downloads\adwcleaner.exe
    # Opción : Limpiar

    ***** [ Servicios ] *****

    [#] Servicio Borrar : bonanzadealslive
    [#] Servicio Borrar : bonanzadealslivem
    Servicio Borrar : desksvc
    Servicio Borrar : Wpm

    ***** [ Archivos / Carpetas ] *****

    Carpeta Borrar : C:\ProgramData\Ask
    Carpeta Borrar : C:\ProgramData\Babylon
    Carpeta Borrar : C:\ProgramData\baidu
    Carpeta Borrar : C:\ProgramData\BonanzaDealsLive
    Carpeta Borrar : C:\ProgramData\boost_interprocess
    Carpeta Borrar : C:\ProgramData\Partner
    Carpeta Borrar : C:\ProgramData\SweetIM
    Carpeta Borrar : C:\ProgramData\WPM
    Carpeta Borrar : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
    Carpeta Borrar : C:\Program Files\Ask.com
    Carpeta Borrar : C:\Program Files\BonanzaDeals
    Carpeta Borrar : C:\Program Files\BonanzaDealsLive
    Carpeta Borrar : C:\Program Files\Claro
    Carpeta Borrar : C:\Program Files\Conduit
    Carpeta Borrar : C:\Program Files\DealPly
    Carpeta Borrar : C:\Program Files\Desk 365
    Carpeta Borrar : C:\Program Files\iSafe
    Carpeta Borrar : C:\Program Files\Mobogenie
    Carpeta Borrar : C:\Program Files\SweetIM
    Carpeta Borrar : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
    Carpeta Borrar : C:\Users\Dores\AppData\Local\apn
    Carpeta Borrar : C:\Users\Dores\AppData\Local\BonanzaDealsLive
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Conduit
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Mobogenie
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\AskSearch
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\BabylonToolbar
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\boost_interprocess
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\Desk365
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Temp\Iminent
    Carpeta Borrar : C:\Users\Dores\AppData\LocalLow\AskToolbar
    Carpeta Borrar : C:\Users\Dores\AppData\LocalLow\BabylonToolbar
    Carpeta Borrar : C:\Users\Dores\AppData\LocalLow\Conduit
    Carpeta Borrar : C:\Users\Dores\AppData\LocalLow\Funmoods
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\Babylon
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\baidu
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\DealPly
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\Desk 365
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\DSite
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\iSafe
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\OpenCandy
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
    Carpeta Borrar : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
    Carpeta Borrar : C:\Users\Dores\Documents\Mobogenie
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
    Carpeta Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
    Archivo Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
    Archivo Borrar : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
    Archivo Borrar : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
    Archivo Borrar : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
    Archivo Borrar : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
    Archivo Borrar : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
    Archivo Borrar : C:\Windows\System32\Tasks\BonanzaDealsUpdate
    Archivo Borrar : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
    Archivo Borrar : C:\Windows\Tasks\DSite.job
    Archivo Borrar : C:\Windows\System32\Tasks\DSite
    Archivo Borrar : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

    ***** [ Accesos directos ] *****

    Acceso directo Desinfectado : C:\Users\Dores\Desktop\Google Chrome.lnk
    Acceso directo Desinfectado : C:\Users\Dores\Desktop\Internet Explorer.lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    Acceso directo Desinfectado : C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

    ***** [ Registro ] *****

    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj
    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
    Clave Borrar : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFE00783-C944-4C28-B0DA-C406921E06EA}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFE00783-C944-4C28-B0DA-C406921E06EA}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5566C26F-8A7A-4F90-A367-F4361104BFD9}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5566C26F-8A7A-4F90-A367-F4361104BFD9}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6539E018-86F8-4FFD-B6F1-6960F67B1EE3}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6539E018-86F8-4FFD-B6F1-6960F67B1EE3}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E6400E0-1CB0-413E-BEFE-4436BC94074E}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E6400E0-1CB0-413E-BEFE-4436BC94074E}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD3BA658-6C09-41A9-8BE4-97A359B40D56}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD3BA658-6C09-41A9-8BE4-97A359B40D56}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{587FD12C-15C6-4086-937B-9D3555E8FE5A}
    [#] Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{587FD12C-15C6-4086-937B-9D3555E8FE5A}
    Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
    Valor Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Desk 365]
    Valor Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Clave Borrar : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    Clave Borrar : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
    Clave Borrar : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
    Clave Borrar : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Clave Borrar : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Clave Borrar : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
    Clave Borrar : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
    Clave Borrar : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
    Clave Borrar : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
    Clave Borrar : HKLM\SOFTWARE\Classes\Prod.cap
    Clave Borrar : HKLM\SOFTWARE\Classes\sim-packages
    Clave Borrar : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
    Clave Borrar : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
    Clave Borrar : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
    Clave Borrar : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
    Clave Borrar : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
    Clave Borrar : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
    Clave Borrar : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
    Clave Borrar : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
    Clave Borrar : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
    Clave Borrar : HKLM\SOFTWARE\Classes\Toolbar.CT2233703
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-office-2010 (1)_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-office-2010 (1)_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-office-2010_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_microsoft-office-2010_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_spotify_RASAPI32
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_spotify_RASMANCS
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
    Clave Borrar : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
    Clave Borrar : HKLM\SOFTWARE\Classes\CLSID\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
    Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clave Borrar : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valor Borrar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valor Borrar : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
    Datos Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
    Datos Restaurado : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
    Clave Borrar : HKCU\Software\APN
    Clave Borrar : HKCU\Software\Ask.com
    Clave Borrar : HKCU\Software\BabylonToolbar
    Clave Borrar : HKCU\Software\BonanzaDealsLive
    Clave Borrar : HKCU\Software\Conduit
    Clave Borrar : HKCU\Software\Cr_Installer
    Clave Borrar : HKCU\Software\dsiteproducts
    Clave Borrar : HKCU\Software\InstallCore
    Clave Borrar : HKCU\Software\Softonic
    Clave Borrar : HKCU\Software\AppDataLow\Software\AskToolbar
    Clave Borrar : HKCU\Software\AppDataLow\Software\Conduit
    Clave Borrar : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Clave Borrar : HKCU\Software\AppDataLow\Software\Crossrider
    Clave Borrar : HKCU\Software\AppDataLow\Software\PriceGong
    Clave Borrar : HKLM\Software\APN
    Clave Borrar : HKLM\Software\AskToolbar
    Clave Borrar : HKLM\Software\Babylon
    Clave Borrar : HKLM\Software\BonanzaDealsLive
    Clave Borrar : HKLM\Software\Conduit
    Clave Borrar : HKLM\Software\Desksvc
    Clave Borrar : HKLM\Software\hdcode
    Clave Borrar : HKLM\Software\Iminent
    Clave Borrar : HKLM\Software\nationzoomSoftware
    Clave Borrar : HKLM\Software\SimplyGen
    Clave Borrar : HKLM\Software\supWPM
    Clave Borrar : HKLM\Software\Trymedia Systems
    Clave Borrar : HKLM\Software\V9
    Clave Borrar : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bonanza Deals
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
    Clave Borrar : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16FE85B52F587794795A481CF9295697
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\758F5690DAAD39F40845E0E23C8C5C0B
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clave Borrar : HKLM\Software\Classes\Installer\Features\16FE85B52F587794795A481CF9295697
    Clave Borrar : HKLM\Software\Classes\Installer\Features\758F5690DAAD39F40845E0E23C8C5C0B
    Clave Borrar : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Clave Borrar : HKLM\Software\Classes\Installer\Products\16FE85B52F587794795A481CF9295697
    Clave Borrar : HKLM\Software\Classes\Installer\Products\758F5690DAAD39F40845E0E23C8C5C0B
    Clave Borrar : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
    Clave Borrar : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

    ***** [ Navegadores ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Ajustes Restaurar : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
    Ajustes Restaurar : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

    -\\ Google Chrome v

    [ Archivo : C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Borrar : urls_to_restore_on_startup

    *************************

    AdwCleaner[R0].txt - [38957 octets] - [26/12/2013 10:32:08]
    AdwCleaner[S0].txt - [35916 octets] - [26/12/2013 10:36:54]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [35977 octets] ##########



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.8.9 (04.22.2013:1)
    OS: Windows 7 Starter x86
    Ran by Dores on 26/12/2013 at 11:13:33,59
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1152263182-3115943368-347561778-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5464923E-3981-4204-98A4-5D94F45F65E4}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E16642D5-378D-4443-AB79-BAC0E4038EC9}
    Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\components\120dfadeb50841f408f04d2a278f9509" 



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{1DEAD05A-4B41-46BC-89E2-8A8A45E6D8BC}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{28CC2B9A-5477-4507-889E-D0B9CEBC4DBA}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{660DE14F-1F31-412A-A693-F60A2D70CB4F}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{8993B845-BC83-4910-8E5F-879EADA4D800}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{AEFDB44E-FD63-429B-A5F5-0951E46D1A2F}
    Successfully deleted: [Empty Folder] C:\Users\Dores\appdata\local\{DE8661F4-1B7F-470A-AB0A-94871155B57E}



    ~~~ Chrome

    Successfully deleted: [Registry Key] hkey_current_user\software\policies\google\chrome\extensioninstallforcelist



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 26/12/2013 at 11:20:06,50
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 2:11 pm

    Boa Tarde! Edvan

    |- Desinstale: C:\Program Files\Baidu Security <<

    -/-

    |- Execute este script na ferramenta zhpfix.

    script zhpfix
    SR - | Auto 18/12/2013 678384 |  (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc..) - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
    [MD5.5299CB55E92FE88D2E5F0C453285EB61] - (.Baidu Inc. - PC Faster Tray.) -- C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PcfTray.exe   [1300672] [PID.2284]
    [MD5.8768E55FC27B3933D1CF2DB8B0C924A2] [APT] [Baidu PC Faster Update] (.Baidu Inc..) -- C:\Program Files\Baidu Security\PC Faster\4.0.0.0\Updater.exe   [1154032]
    G0 - GCSP: Preference [User Data\Default][HomePage] [Você precisa estar registrado e conectado para ver este link.]
    O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] . (.Baidu Inc. - PC Faster.) -- C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe
    O4 - GS\TaskBar: Skype (2).lnk . (...)  -- C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe (.not file.)
    O4 - GS\TaskBar: Skype (3).lnk . (...)  -- C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe (.not file.)
    O4 - GS\TaskBar: Skype (4).lnk . (...)  -- C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe (.not file.)
    O4 - GS\TaskBar: Skype (6).lnk . (...)  -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe (.not file.)
    O4 - GS\TaskBar: Skype (7).lnk . (...)  -- C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe
    O4 - GS\TaskBar: Skype.lnk . (...)  -- C:\Windows\Installer\{AA59DDE4-B672-4621-A016-4C248204957A}\SkypeIcon.exe (.not file.)
    O4 - GS\QuickLaunch: Hao123.lnk . (...)  -- C:\Users\Dores\AppData\Roaming\Baidu\hao123-br\hao123.1.0.0.1106.exe (.not file.)
    O4 - GS\SendTo: Desk 365.lnk . (...)  -- C:\Program Files\Desk 365\desk365.exe (.not file.)  =>Hijacker.22Find
    O4 - GS\Desktop: DORES-PC - Acceso directo (2).lnk - Orphean Key
    O4 - GS\Desktop: RecentPlaces.lnk - Orphean Key
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Orphean Key
    O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) . (.Baidu Inc. - Baidu PC Faster Service.) - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
    O41 - Driver:  (Bfilter) . (. - .) - C:\Windows\system32\drivers\Bfilter.sys (.not file.)
    O41 - Driver:  (Bfmon) . (. - .) - C:\Windows\system32\drivers\Bfmon.sys (.not file.)
    O41 - Driver:  (Bprotect) . (. - .) - C:\Windows\system32\drivers\Bprotect.sys (.not file.)
    O41 - Driver:  (BprotectEx) . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - C:\Windows\system32\drivers\BprotectEx.sys
    O41 - Driver:  (iSafeNetFilter) . (. - .) - C:\Program Files\iSafe\iSafeNetFilter.sys (.not file.)
    O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM] -- Baidu PC Faster 4.0.0.0
    O42 - Logiciel: Hao123-Client - (.Baidu Online Network Technology (Beijing) Co., Ltd..) [HKCU] -- hao123desk-br
    O42 - Logiciel: YAC - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM] -- iSafe
    O43 - CFD: 24/12/2013 - 12:13:08 - [79,204] ----D C:\Program Files\Baidu Security
    O43 - CFD: 24/12/2013 - 12:27:27 - [0,005] ----D C:\ProgramData\Baidu Security
    O43 - CFD: 24/12/2013 - 12:13:07 - [0,002] ----D C:\Users\Dores\AppData\Roaming\Baidu Security
    O43 - CFD: 24/12/2013 - 12:19:26 - [0,003] ----D C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil
    O51 - MPSK:{d266611b-0eab-11e0-9e97-00262276f012}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
    O51 - MPSK:{d266612a-0eab-11e0-9e97-00262276f012}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
    O64 - Services: CurCS - ??\??\???? - Unknown owner (Bfilter)  .(...) - LEGACY_BFILTER
    O64 - Services: CurCS - ??\??\???? - Unknown owner (Bfmon)  .(...) - LEGACY_BFMON
    O64 - Services: CurCS - 18/12/2013 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase)  .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
    O64 - Services: CurCS - ??\??\???? - Unknown owner (Bprotect)  .(...) - LEGACY_BPROTECT
    O64 - Services: CurCS - 18/12/2013 - C:\Windows\system32\drivers\BprotectEx.sys (BprotectEx)  .(.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) - LEGACY_BPROTECTEX
    O64 - Services: CurCS - ??\??\???? - Unknown owner (iSafeNetFilter)  .(...) - LEGACY_ISAFENETFILTER
    O64 - Services: CurCS - 18/12/2013 - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys (PCFApiUtil)  .(.Baidu, Inc. - Baidu Antivirus BdApi Driver.) - LEGACY_PCFAPIUTIL
    [HKCU\Software\Baidu Security]
    [HKCU\Software\BonanzaDeals]
    [HKLM\Software\Baidu Security]
    [HKLM\Software\Baidu_Drp_pos]
    [HKLM\Software\BonanzaDeals]
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
    [HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}] =>PUP.CrossRider
    [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158}] =>PUP.CrossRider
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0] =>Adware.BDSearch
    [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}] =>PUP.CrossRider
    C:\Users\Dores\AppData\Local\Temp\Shortcut_sweetimsetup.exe =>PUP.SweetIM
    C:\Users\Dores\AppData\Local\Temp\SweetIESetup.exe.7z =>PUP.SweetIM
    C:\Users\Dores\AppData\Local\Temp\SweetIMSetup.exe.7z =>PUP.SweetIM
    C:\Users\Dores\AppData\Local\Temp\SIMEEIInstaller.exe =>PUP.SweetIM
    C:\Users\Dores\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
    C:\Users\Dores\AppData\Local\Temp\tb4sh0.dll =>Toolbar.Conduit
    C:\Program Files\Baidu Security\PC Faster\4.0.0.0\Updater.exe
    emptytemp
    firewallraz
    emptyclsid


    |- Poste o relatório ao concluir!

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 2:51 pm

    Boa tarde amigo!

    Você vê alguns vestígios de programa espião ou keylogger nos logs?

    Rapport de ZHPFix 2013.6.12.3 par Nicolas Coolman, Update du 12/06/2013
    Fichier d'export Registre : 
    Run by Dores at 26/12/2013 17:33:37
    High Elevated Privileges : OK
    Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

    Recycle Files Deleted

    ========== Software ==========
    NOT FOUND Software Key: Baidu PC Faster 4.0.0.0
    NOT FOUND Uninstall Process: c:\users\dores\appdata\roaming\baidu\hao123-br\hao123.1.0.0.1106.exe
    NOT FOUND Uninstall Process: c:\program files\isafe\uninstall.exe

    ========== Memory Process ==========
    DELETED Memory Process: C:\Users\Dores\AppData\Local\Temp\Shortcut_sweetimsetup.exe
    DELETED Memory Process: C:\Users\Dores\AppData\Local\Temp\SweetIESetup.exe.7z
    DELETED Memory Process: C:\Users\Dores\AppData\Local\Temp\SweetIMSetup.exe.7z
    DELETED Memory Process: C:\Users\Dores\AppData\Local\Temp\SIMEEIInstaller.exe

    ========== Memory Module ==========
    DELETED Memory Module: C:\Users\Dores\AppData\Local\Temp\tb4sh0.dll

    ========== Registry Key ==========
    DELETED [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hao123desk-br]
    DELETED [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe]
    NOT FOUND Key: Service: PCFasterSvc_{PCFaster_4.0.0.0}
    DELETED Key: CLSID Extra Buttons: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}
    DELETED Driver Key: Bfilter
    DELETED Driver Key: Bfmon
    DELETED Driver Key: Bprotect
    DELETED Driver Key: BprotectEx
    DELETED Driver Key: iSafeNetFilter
    DELETED CLSID MPSK: {d266611b-0eab-11e0-9e97-00262276f012}
    DELETED CLSID MPSK: {d266612a-0eab-11e0-9e97-00262276f012}
    ERROR Key: Service Legacy: LEGACY_BFILTER
    ERROR Key: Service Legacy: LEGACY_BFMON
    ERROR Key: Service Legacy: LEGACY_BHBASE
    ERROR Key: Service Legacy: LEGACY_BPROTECT
    ERROR Key: Service Legacy: LEGACY_BPROTECTEX
    ERROR Key: Service Legacy: LEGACY_ISAFENETFILTER
    ERROR Key: Service Legacy: LEGACY_PCFAPIUTIL
    DELETED Key: HKCU\Software\Baidu Security
    DELETED Key: HKCU\Software\BonanzaDeals
    DELETED Key: HKLM\Software\Baidu Security
    DELETED Key: HKLM\Software\Baidu_Drp_pos
    DELETED Key: HKLM\Software\BonanzaDeals
    DELETED Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    DELETED Key: HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    DELETED Key: HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    DELETED Key: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    DELETED Key: HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32
    DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
    DELETED Key: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158}
    DELETED Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
    NOT FOUND Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0
    DELETED Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}

    ========== Registry Value ==========
    NOT FOUND RunValue: Baidu PC Faster 4.0.0.0
    No Value in Standard Profile Register Key FirewallRaz : 
    No Value in Domain Profile Register Key FirewallRaz : 
    DELETED FirewallRaz (None) : {66D6176D-58FD-40CF-AE9A-75170FC692C7}
    DELETED FirewallRaz (None) : {C435DEB1-9112-41D3-8348-163A04C0CAE4}
    DELETED FirewallRaz (Public) : {D29EA5C1-70C7-4EEB-8F9D-F64D6D0F00D6}
    DELETED FirewallRaz (Public) : {7176B886-5E35-4D78-92DB-6122C59E1816}

    ========== Browser Profiles ==========
    FOUND Chrome File: C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Preferences
    DELETED Chrome Site: [Você precisa estar registrado e conectado para ver este link.]
    DELETED Chrome Site: [Você precisa estar registrado e conectado para ver este link.]
    DELETED Chrome Site: [Você precisa estar registrado e conectado para ver este link.]
    DELETED Chrome Site: [Você precisa estar registrado e conectado para ver este link.]

    ========== Repertory ==========
    No Empty CLSID Directories

    ========== File ==========
    NOT FOUND File: c:\program files\baidu security\pc faster\4.0.0.0\pcfastersvc.exe
    NOT FOUND Folder/File: c:\program files\baidu security\pc faster\4.0.0.0\pcftray.exe
    NOT FOUND Folder/File: c:\program files\baidu security\pc faster\4.0.0.0\updater.exe
    NOT FOUND File: c:\program files\baidu security\pc faster\4.0.0.0\pcfaster.exe
    DELETED File: c:\users\dores\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\skype (2).lnk 
    NOT FOUND File: c:\windows\installer\{aa59dde4-b672-4621-a016-4c248204957a}\skypeicon.exe
    NOT FOUND File: c:\windows\installer\{ee7257a2-39a2-4d2f-9dac-f9f25b8ae1d8}\skypeicon.exe
    DELETED File: c:\windows\installer\{ea17f4fc-fdbf-4cf8-a529-2d983132d053}\skypeicon.exe 
    DELETED File: c:\users\dores\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar\skype.lnk 
    DELETED File: c:\users\dores\appdata\roaming\microsoft\internet explorer\quick launch\hao123.lnk 
    NOT FOUND File: c:\users\dores\appdata\roaming\baidu\hao123-br\hao123.1.0.0.1106.exe
    NOT FOUND File: c:\users\dores\appdata\roaming\microsoft\windows\sendto\o4 - gs\sendto: desk 365.lnk
    NOT FOUND File: c:\program files\desk 365\desk365.exe
    DELETED File: c:\users\dores\desktop\dores-pc - acceso directo (2).lnk 
    DELETED File: c:\users\dores\desktop\recentplaces.lnk 
    DELETED File*: c:\users\dores\appdata\local\temp\shortcut_sweetimsetup.exe
    DELETED File: c:\users\dores\appdata\local\temp\sweetiesetup.exe.7z
    DELETED File: c:\users\dores\appdata\local\temp\sweetimsetup.exe.7z
    DELETED File: c:\users\dores\appdata\local\temp\simeeiinstaller.exe
    DELETED File: C:\Users\Dores\AppData\Local\Temp\GoogleToolbarInstaller1.log
    DELETED File*: c:\users\dores\appdata\local\temp\tb4sh0.dll
    DELETED Window Temporary

    ========== Task ==========
    NOT FOUND Task: Baidu PC Faster Update

    ========== Other ==========
    NOT SUPPORTED script zhpfix


    ========== Summary ==========
    4 : Memory Process
    1 : Memory Module
    33 : Registry Key
    7 : Registry Value
    1 : Repertory
    22 : File
    3 : Software
    5 : Browser Profiles
    1 : Task
    1 : Other


    End of clean in 01mn 47s

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 26/12/2013 17:33:41 [6167]
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 3:11 pm

    Boa Tarde! Edvan

    Você vê alguns vestígios de programa espião ou keylogger nos logs?
    |- Não vejo esses vestígios Edvan.

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... de Pierre13 )
    |- Salve-o no desktop!
    |- Para Windows Vista e 7,execute "SFTGC.exe" como administrador!

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Execute-o e clique "Go".
    |- Aguarde seu término,que é rápido.
    |- Poste o relatório! ( SFT.txt )
    |- Ps: De acordo com o tamanho do relatório,não poste-o diretamente!

    |- Acesse,para essa tarefa! < [Você precisa estar registrado e conectado para ver este link.]>

    |- Poste novo relatório da ferramenta ZHPDiag.

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 3:28 pm

    Log [Você precisa estar registrado e conectado para ver este link.]


     Poste novo relatório da ferramenta ZHPDiag.

    Eita!! esqueci, ja ja posto.
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 3:33 pm

    Boa Noite! Edvan

    |- Poste novo relatório da ferramenta ZHPDiag.

    Edvan escreveu:Eita!! esqueci, ja ja posto.
    |- Ok!


    A+
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 3:37 pm

    pronto agora sim, log [Você precisa estar registrado e conectado para ver este link.]
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 3:50 pm

    Boa Noite! Edvan

    |- Execute este script na ferramenta zhpfix.

    script zhpfix
    R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    O44 - LFC:[MD5.6C313C3CB5994D4D093391B0F674B531] - 18/12/2013 - 08:42:38 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\Windows\System32\Drivers\Bhbase.sys   [47456]
    O64 - Services: CurCS - 18/12/2013 - C:\Windows\System32\drivers\Bhbase.sys (Bhbase)  .(.Baidu, Inc. - Baidu Antivirus Hook Base.) - LEGACY_BHBASE
    C:\Windows\System32\Drivers\Bhbase.sys
    emptyflash
    emptytemp


    |- Poste o relatório ao concluir!

    -/-

    |- Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Smeenk )

    |- Ou aqui! < [Você precisa estar registrado e conectado para ver esta imagem.][Você precisa estar registrado e conectado para ver este link.] >

    |- Salve-o e descompacte-o para o desktop!
    |- Estarão disponíveis: zoek.com, zoek.scr, zoek.pif e zoek.exe
    |- Desabilite seu antivírus!
    |- Para Windows 7,execute zoek.exe como administrador.

    hijackthis;
    iedefaults;
    chromelook;
    shortcutfix;
    autoclean;
    emptyalltemp;


    |- Copie e cole estas informações,em vermelho,no campo da ferramenta.
    |- Clique "Run Script".

    Zoek.exe is running now.
    Do not start any browser windows, they will be closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
    |- Surgirão estas informações,pedindo-lhe que aguarde o surgimento do relatório.
    |- Ps: Essas informações,podem permanecer estáticas na tela por 20 minutos ou mais.

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Aceite e/ou confirme o reboot!

    zoek.hta failed by unknown error.
    Restart computer, and try again.
    |- Ps: Ao obter algum erro,reinicie o PC e execute,novamente,a ferramenta.
    |- Poste o relatório,que estará em C:\zoek-results.txt <<

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Qui Dez 26, 2013 4:00 pm

    Amigo o script da ferramenta zhpfix ja rodei, falta agora a zoek, amanha eu mando para você, pois o expediente aqui está encerrando. 


    Um abraço.
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Qui Dez 26, 2013 4:03 pm

    Edvan escreveu:Amigo o script da ferramenta zhpfix ja rodei, falta agora a zoek, amanha eu mando para você, pois o expediente aqui está encerrando. 


    Um abraço.
    Ok Edvan!

    |- Fica para amanhã.

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Sex Dez 27, 2013 6:07 am

    Rapport de ZHPFix 2013.6.12.3 par Nicolas Coolman, Update du 12/06/2013
    Fichier d'export Registre : 
    Run by Dores at 26/12/2013 18:53:47
    High Elevated Privileges : OK
    Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

    Recycle Files Deleted

    ========== Registry Key ==========
    ERROR Key: Service Legacy: LEGACY_BHBASE

    ========== Registry Data Items ==========
    REMOVED R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page
    REMOVED R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page

    ========== Repertory ==========
    DELETED Flash Cookies
    DELETED Window Temporary

    ========== File ==========
    DELETED File: c:\windows\system32\drivers\bhbase.sys 
    NOT FOUND Folder/File: c:\windows\system32\drivers\bhbase.sys
    DELETED Flash Cookies
    DELETED Window Temporary

    ========== Other ==========
    NOT SUPPORTED script zhpfix


    ========== Summary ==========
    1 : Registry Key
    2 : Registry Data Items
    2 : Repertory
    4 : File
    1 : Other


    End of clean in 00mn 13s

    ========== Report File ==========
    C:\ZHP\ZHPFix[R1].txt - 26/12/2013 16:33:41 [6219]
    C:\ZHP\ZHPFix[R2].txt - 26/12/2013 18:53:52 [1102]






    Zoek.exe v5.0.0.0 Updated 23-December-2013
    Tool run by Dores on 26/12/2013 at 19:00:53,56.
    Microsoft Windows 7 Starter  6.1.7601 Service Pack 1 x86
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Dores\Desktop\zoek (1)\zoek.com [Scan all users] [Script inserted] 

    ==== System Restore Info ======================

    26/12/2013 19:02:50 Zoek.exe System Restore Point Created Succesfully.

    ==== Creating Sample_122013_1929.zip ======================
     
    Copied file C:\Users\Dores\AppData\Roaming\unins000.exe to sample\unins000.exe
    sample\unins000.exe renamed to 10F4A3F528CA5C9009AA99E4DDCD9A78

    C:\Users\Public\Desktop\sample_122013_1929.zip created successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeKrnl deleted successfully
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\iSafeKrnl deleted successfully

    ==== Deleting Files \ Folders ======================

    C:\Users\Dores\AppData\Local\genienext deleted
    C:\Users\Dores\daemonprocess.txt deleted
    C:\Users\Dores\.android deleted
    C:\Program Files\FoxTabPDFConverter deleted
    C:\Users\Dores\AppData\Roaming\burnaware.ini deleted
    C:\Users\Dores\AppData\Roaming\newnext.me deleted
    C:\Windows\system32\config\systemprofile\AppData\Roaming\DealPly deleted
    C:\ProgramData\FileSplitUpLoad.dll deleted
    C:\Users\Dores\AppData\Local\cache deleted
    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC deleted
    C:\Users\Dores\Downloads\rcpsetup_softonic_rec_softonic_rec (1).exe deleted
    C:\Users\Dores\Downloads\rcpsetup_softonic_rec_softonic_rec.exe deleted
    C:\user.js deleted
    C:\Users\Dores\AppData\Roaming\unins000.exe deleted

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [23/01/2012 00:16]

    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[26/12/2013 12:24]
    jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[23/01/2012 00:16]
    lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45]

    HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
    pgacfjdigcddmmncljpflgcfpfahebkh - C:\Users\Dores\AppData\Local\GAS Tecnologia\GBBD\bb\sf.crx[03/09/2013 21:03]

    avast Online Security - Dores - Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    RealPlayer HTML5Video Downloader Extension - Dores - Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
    Skype Click to Call - Dores - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Google Wallet - Dores - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    GBBD Banco do Brasil - Dores - Default\Extensions\pgacfjdigcddmmncljpflgcfpfahebkh

    ==== Chrome Fix ======================

    C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully
    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.google.fr/"
    "Default_Page_URL"="http://www.google.com"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"="http://www.google.com"
    "Default_Page_URL"="http://www.google.com"
    "Start Page"="http://www.google.fr/"
    "Search Page"="http://www.google.com"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Start Page"="http://www.google.fr/"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
    "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
    {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_esES387ES387"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
    {DBB1FED3-147C-4315-BDF8-89B6961874B0} Bing  Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

    ==== shortcuts on Users Desktops ======================

    C:\Users\Dores\Desktop\Downloads.lnk - C:\Users\Dores\Downloads 
    C:\Users\Dores\Desktop\Google Chrome.lnk - C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe 
    C:\Users\Dores\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
    C:\Users\Dores\Desktop\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe 
    C:\Users\Dores\Desktop\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
    C:\Users\Dores\Desktop\WinRAR.lnk - C:\Program Files\WinRAR\WinRAR.exe 
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\CAPA E FOLHA DE ROSTO - PLANO DE MKT.docx.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start CAPA" "E" "FOLHA" "DE" "ROSTO" "-" "PLANO" "DE" "MKT.docx & exit
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\limpar.bat.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start limpar.bat & exit
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\PLANO DE MARKETING final.docx.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start PLANO" "DE" "MARKETING" "final.docx & exit
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\PLANO DE MARKETING.docx.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start PLANO" "DE" "MARKETING.docx & exit
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\SUMÁRIO - PLANO DE MKT.docx.lnk -  
    C:\Users\Dores\Desktop\amanda\3 PERIODO ADM\mkt2\~WRL1975.tmp.lnk - C:\Windows\system32\cmd.exe /c start Servieca.vbs&start ~WRL1975.tmp & exit
    C:\Users\Dores\Desktop\PROGRAMAS\aTube Catcher.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe 
    C:\Users\Dores\Desktop\PROGRAMAS\MP3 Downloader.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe  /MP3DOWNLOADER
    C:\Users\Dores\Desktop\PROGRAMAS\OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\soffice.exe 
    C:\Users\Dores\Desktop\PROGRAMAS\RealPlayer.lnk - C:\Program Files\Real\RealPlayer\realplay.exe /launch:desktop
    C:\Users\Dores\Desktop\PROGRAMAS\Video Search.lnk - C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe  /VIDEOSEARCH

    ==== shortcuts on All Users Desktop ======================

    C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe 
    C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
    C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe 
    C:\Users\Public\Desktop\JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe 
    C:\Users\Public\Desktop\JetClean.lnk - C:\Program Files\BlueSprig\JetClean\JetClean.exe 
    C:\Users\Public\Desktop\MBRCheck.lnk - C:\Program Files\ZHPDiag\mbrcheck.exe 
    C:\Users\Public\Desktop\Quick Boost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe -game
    C:\Users\Public\Desktop\Selección del Explorador.lnk -  
    C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe 
    C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files\Winamp\winamp.exe 
    C:\Users\Public\Desktop\ZHPDiag.lnk - C:\Program Files\ZHPDiag\ZHPhep.exe 
    C:\Users\Public\Desktop\ZHPFix.lnk - C:\Program Files\ZHPDiag\ZHPFix\ZHPhep.exe 

    ==== shortcuts in Users Start Menu ======================

    C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe 

    ==== shortcuts in All Users Start Menu ======================

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -  
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost\Desinstalar JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\unins000.exe 
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost\JetBoost.lnk - C:\Program Files\BlueSprig\JetBoost\JetBoost.exe 
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean\Desinstalar JetClean.lnk - C:\Program Files\BlueSprig\JetClean\unins000.exe 
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean\JetClean.lnk - C:\Program Files\BlueSprig\JetClean\JetClean.exe 

    ==== shortcuts in Quick Launch ======================

    C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
    C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
    C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
    C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files\PhotoScape\PhotoScape.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\soffice.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe 
    C:\Users\Dores\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger .lnk - C:\Program Files\Windows Live\Messenger\msnmsgr.exe 

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM deleted successfully

    ==== HijackThis Entries ======================

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start [Você precisa estar registrado e conectado para ver este link.]
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Dores\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
    O4 - Global Startup: Acer VCM.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
    O15 - Trusted Zone: www14.bancobrasil.com.br
    O15 - Trusted Zone: www2.bancobrasil.com.br
    O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - [Você precisa estar registrado e conectado para ver este link.]
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Servicio Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe (file missing)
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    ==== Empty IE Cache ======================

    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Dores\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Dores\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
    C:\Users\Dores\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=518 folders=36 26347731 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully
    C:\Users\Default User\AppData\Local\Temp emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\Users\Dores\AppData\Local\Temp  will be emptied at reboot
    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on 27/12/2013 at  9:02:30,19 ======================
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Sex Dez 27, 2013 7:26 am

    Bom Dia! Edvan


    O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start [Você precisa estar registrado e conectado para ver este link.]

    ###
    |- Pode dar fix nesta entrada,com o HijackThis.

    -/-

    |- Baixe: |[Você precisa estar registrado e conectado para ver este link.]| ( ... de Xplode )

    [Você precisa estar registrado e conectado para ver esta imagem.]

    |- Estando na página,clique na seta verde para o download.
    |- Salve-a em um local conveniente! ( desktop! )
    |- Feche aplicativos que estejam abertos.

    [Você precisa estar registrado e conectado para ver este link.]

    |- Execute-a!
    |- Com as duas checkbox marcadas!
    |- Clique "Run".
    |- Tudo Ok?

    Abs!
    avatar
    Edvan
    Membro
    Membro

    Mensagens : 428
    Data de inscrição : 14/02/2013
    Idade : 36
    Localização : Natal/RN

    Re: Netebook muito lento, log para analise.

    Mensagem por Edvan em Sex Dez 27, 2013 9:04 am

    Pronto amigo tudo ok agora.

    # DelFix v10.6 - Logfile created 27/12/2013 at 12:07:06
    # Updated 11/11/2013 by Xplode
    # Username : Dores - DORES-PC
    # Operating System : Windows 7 Starter Service Pack 1 (32 bits)

    ~ Removing disinfection tools ...

    Deleted : C:\JRT
    Deleted : C:\ZHP
    Deleted : C:\AdwCleaner
    Deleted : C:\Program Files\ZHPDiag
    Deleted : C:\Program Files\Hijackthis
    Deleted : C:\HiJackThis (1).exe
    Deleted : C:\PhysicalDisk0_MBR.bin
    Deleted : C:\zoek-results.log
    Deleted : C:\Users\Dores\Desktop\AdwCleaner[S0].txt
    Deleted : C:\Users\Dores\Desktop\JRT.exe
    Deleted : C:\Users\Dores\Desktop\JRT.txt
    Deleted : C:\Users\Dores\Desktop\hijackthis.log
    Deleted : C:\Users\Dores\Desktop\SFTGC.exe
    Deleted : C:\Users\Dores\Desktop\SFTGC.txt
    Deleted : C:\Users\Dores\Desktop\ZHPDiag.txt
    Deleted : C:\Users\Dores\Desktop\ZHPDiag2.exe
    Deleted : C:\Users\Dores\Desktop\ZHPFixReport.txt
    Deleted : C:\Users\Dores\Desktop\zoek (1).rar
    Deleted : C:\Users\Public\Desktop\MBRCheck.lnk
    Deleted : C:\Users\Public\Desktop\ZHPDiag.lnk
    Deleted : C:\Users\Public\Desktop\ZHPFix.lnk
    Deleted : C:\Users\Dores\Downloads\adwcleaner.exe
    Deleted : C:\Users\Dores\Downloads\HiJackThis.exe
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
    Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

    ~ Cleaning system restore ...

    Deleted : RP #372 [Copias de seguridad de Windows | 12/15/2013 22:53:43]
    Deleted : RP #373 [Windows Update | 12/22/2013 15:38:24]
    Deleted : RP #374 [Copias de seguridad de Windows | 12/22/2013 21:00:27]
    Deleted : RP #375 [Windows Update | 12/24/2013 00:49:22]
    Deleted : RP #377 [avast! antivirus system restore point | 12/26/2013 14:20:06]
    Deleted : RP #378 [zoek.exe restore point | 12/26/2013 21:02:10]

    New restore point created !

    ########## - EOF - ##########





    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:01:39, on 27/12/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.16428)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\BlueSprig\JetBoost\JetBoostTray.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Acer\Acer VCM\AcerVCM.exe
    C:\Users\Dores\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Dores\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\HiJackThis (1).exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Você precisa estar registrado e conectado para ver este link.]
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: (no name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Dores\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
    O4 - Global Startup: Acer VCM.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - [Você precisa estar registrado e conectado para ver este link.]
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
    O15 - Trusted Zone: www14.bancobrasil.com.br
    O15 - Trusted Zone: www2.bancobrasil.com.br
    O15 - Trusted Zone: [Você precisa estar registrado e conectado para ver este link.]
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - [Você precisa estar registrado e conectado para ver este link.]
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify:  GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~1\GbPlugin\GbpSv.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Servicio Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe (file missing)
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 22457 bytes
    avatar
    joram
    Administrador Fundador
    Administrador Fundador

    Mensagens : 610
    Data de inscrição : 14/08/2012
    Idade : 63
    Localização : Rio de Janeiro

    Re: Netebook muito lento, log para analise.

    Mensagem por joram em Sex Dez 27, 2013 1:59 pm

    Seus logs estão limpos!

    CASO RESOLVIDO!   Wink 


    Necessitando novo auxílio para este computador,basta abrir "[Você precisa estar registrado e conectado para ver este link.]" e relatar o problema.

    Abs!

    Conteúdo patrocinado

    Re: Netebook muito lento, log para analise.

    Mensagem por Conteúdo patrocinado


      Data/hora atual: Qui Mar 23, 2017 2:18 pm