Ir para conteúdo

BABOO e KTS 2018 no YouTube Loja online do BABOO

zezelto

Participante
  • Postagens

    32
  • Desde

  • Última visita

Perfil

  • Escolaridade
    2º grau completo
  • Nível Profissional
    Autônomo
  • Estado
    Mato Grosso do Sul
  • Sexo
    masculino
  1. Analise de logs

    Segue logs para analise ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.3 (04.10.2017) Operating System: Windows 10 Pro x64 Ran by ZEZELTO (Administrator) on 21/04/2017 at 19:57:25,65 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 21/04/2017 at 20:39:26,98 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v6.045 - Relatório criado 21/04/2017 às 19:08:23 # Atualizado em 28/03/2017 por Malwarebytes # Banco de dados : 2017-04-21.1 [Servidor] # Sistema operacional : Windows 10 Pro (X64) # Usuário : ZEZELTO - DESKTOP-RI07GG2 # Executando de : C:\Users\ZEZELTO\Desktop\AdwCleaner (3).exe # Modo: Limpo # Apoio : https://www.malwarebytes.com/support ***** [ Serviços ] ***** [-] Serviço excluído:YSearchUtilSvc [-] Serviço excluído:iFunSoftUpdaterSvc [-] Serviço excluído:Solvusoft Suite Service ***** [ Pastas ] ***** [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Local\slimware utilities inc [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Local\YSearchUtil [#] Pasta excluída na reinicialização:C:\Users\ZEZELTO\AppData\Local\SlimWare Utilities Inc [-] Pasta excluída:C:\Users\ZEZELTO\AppData\LocalLow\iFunSoft [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Roaming\PC faster [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Roaming\iFunSoft [-] Pasta excluída:C:\Program Files\Enigma Software Group [-] Pasta excluída:C:\ProgramData\Solvusoft [-] Pasta excluída:C:\ProgramData\BSD\DriverHive [-] Pasta excluída:C:\ProgramData\iFunSoft [-] Pasta excluída:C:\ProgramData\BSD [#] Pasta excluída na reinicialização:C:\ProgramData\BSD\DriverHiveEngine [-] Pasta excluída:C:\ProgramData\Zbshareware Lab [-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft [-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security [-] Pasta excluída:C:\Users\Public\Documents\Guid [-] Pasta excluída:C:\Program Files (x86)\Solvusoft [-] Pasta excluída:C:\Program Files (x86)\Yahoo!\yset [-] Pasta excluída:C:\Program Files (x86)\iFunSoft [-] Pasta excluída:C:\Program Files (x86)\USB Disk Security [-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft [-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil ***** [ Arquivos ] ***** [-] Arquivo excluído:C:\Users\ZEZELTO\Downloads\REGCLEANER.EXE [-] Arquivo excluído:C:\Users\ZEZELTO\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Atalhos ] ***** ***** [ Atividades agendadas ] ***** [-] Tarefa eliminada:DriverDoc Auto Start ***** [ Registro ] ***** [-] Chave excluída:HKU\S-1-5-21-259142593-962520523-2691621642-1001\Software\Solvusoft [-] Chave excluída:HKU\S-1-5-21-259142593-962520523-2691621642-1001\Software\BSD [#] Chave excluída na reinicialização:HKCU\Software\Solvusoft [#] Chave excluída na reinicialização:HKCU\Software\BSD [-] Chave excluída:HKLM\SOFTWARE\Trymedia Systems [-] Chave excluída:HKLM\SOFTWARE\BSD [-] Chave excluída:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet [#] Chave excluída na reinicialização:[x64] HKCU\Software\Solvusoft [#] Chave excluída na reinicialização:[x64] HKCU\Software\BSD [-] Chave excluída:[x64] HKLM\SOFTWARE\DtsEncodeTools [-] Chave excluída:HKLM\SOFTWARE\Classes\Installer\Features\0570A0D4430B8FD479ED621F12A22CFF [-] Chave excluída:HKLM\SOFTWARE\Classes\Installer\Products\0570A0D4430B8FD479ED621F12A22CFF [-] Chave excluída:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\Installer\Features\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\Installer\Products\0570A0D4430B8FD479ED621F12A22CFF ***** [ Verificando navegadores ... ] ***** [-] Preferências do Firefox limpas:"coupons.urls" - "[\"hxxps://i_spigjs_info.tlscdn.com/spig/javascript.js?hid=1&channel=FF\",\"hxxps://i_spigtrdpjs_info.tlscdn.com/spigtr/javascript.js?hid=1&channel=FF\"]" [-] [C:\Users\ZEZELTO\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Eliminado:br.ask.com ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [4356 Bytes] - [21/04/2017 19:08:23] C:\AdwCleaner\AdwCleaner[S0].txt - [4286 Bytes] - [21/04/2017 19:07:20] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4502 Bytes] ########## Segue log do adwCleaner: # AdwCleaner v6.045 - Relatório criado 21/04/2017 às 19:08:23 # Atualizado em 28/03/2017 por Malwarebytes # Banco de dados : 2017-04-21.1 [Servidor] # Sistema operacional : Windows 10 Pro (X64) # Usuário : ZEZELTO - DESKTOP-RI07GG2 # Executando de : C:\Users\ZEZELTO\Desktop\AdwCleaner (3).exe # Modo: Limpo # Apoio : https://www.malwarebytes.com/support ***** [ Serviços ] ***** [-] Serviço excluído:YSearchUtilSvc [-] Serviço excluído:iFunSoftUpdaterSvc [-] Serviço excluído:Solvusoft Suite Service ***** [ Pastas ] ***** [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Local\slimware utilities inc [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Local\YSearchUtil [#] Pasta excluída na reinicialização:C:\Users\ZEZELTO\AppData\Local\SlimWare Utilities Inc [-] Pasta excluída:C:\Users\ZEZELTO\AppData\LocalLow\iFunSoft [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Roaming\PC faster [-] Pasta excluída:C:\Users\ZEZELTO\AppData\Roaming\iFunSoft [-] Pasta excluída:C:\Program Files\Enigma Software Group [-] Pasta excluída:C:\ProgramData\Solvusoft [-] Pasta excluída:C:\ProgramData\BSD\DriverHive [-] Pasta excluída:C:\ProgramData\iFunSoft [-] Pasta excluída:C:\ProgramData\BSD [#] Pasta excluída na reinicialização:C:\ProgramData\BSD\DriverHiveEngine [-] Pasta excluída:C:\ProgramData\Zbshareware Lab [-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft [-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security [-] Pasta excluída:C:\Users\Public\Documents\Guid [-] Pasta excluída:C:\Program Files (x86)\Solvusoft [-] Pasta excluída:C:\Program Files (x86)\Yahoo!\yset [-] Pasta excluída:C:\Program Files (x86)\iFunSoft [-] Pasta excluída:C:\Program Files (x86)\USB Disk Security [-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft [-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil ***** [ Arquivos ] ***** [-] Arquivo excluído:C:\Users\ZEZELTO\Downloads\REGCLEANER.EXE [-] Arquivo excluído:C:\Users\ZEZELTO\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Atalhos ] ***** ***** [ Atividades agendadas ] ***** [-] Tarefa eliminada:DriverDoc Auto Start ***** [ Registro ] ***** [-] Chave excluída:HKU\S-1-5-21-259142593-962520523-2691621642-1001\Software\Solvusoft [-] Chave excluída:HKU\S-1-5-21-259142593-962520523-2691621642-1001\Software\BSD [#] Chave excluída na reinicialização:HKCU\Software\Solvusoft [#] Chave excluída na reinicialização:HKCU\Software\BSD [-] Chave excluída:HKLM\SOFTWARE\Trymedia Systems [-] Chave excluída:HKLM\SOFTWARE\BSD [-] Chave excluída:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet [#] Chave excluída na reinicialização:[x64] HKCU\Software\Solvusoft [#] Chave excluída na reinicialização:[x64] HKCU\Software\BSD [-] Chave excluída:[x64] HKLM\SOFTWARE\DtsEncodeTools [-] Chave excluída:HKLM\SOFTWARE\Classes\Installer\Features\0570A0D4430B8FD479ED621F12A22CFF [-] Chave excluída:HKLM\SOFTWARE\Classes\Installer\Products\0570A0D4430B8FD479ED621F12A22CFF [-] Chave excluída:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\Installer\Features\0570A0D4430B8FD479ED621F12A22CFF [#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\Installer\Products\0570A0D4430B8FD479ED621F12A22CFF ***** [ Verificando navegadores ... ] ***** [-] Preferências do Firefox limpas:"coupons.urls" - "[\"hxxps://i_spigjs_info.tlscdn.com/spig/javascript.js?hid=1&channel=FF\",\"hxxps://i_spigtrdpjs_info.tlscdn.com/spigtr/javascript.js?hid=1&channel=FF\"]" [-] [C:\Users\ZEZELTO\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Eliminado:br.ask.com ************************* :: Chaves "Tracing" excluídas :: Configurações Winsock restauradas ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [4356 Bytes] - [21/04/2017 19:08:23] C:\AdwCleaner\AdwCleaner[S0].txt - [4286 Bytes] - [21/04/2017 19:07:20] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4502 Bytes] ########## Segue log do hijackthis: ogfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:43:22, on 21/04/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10586.0873) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Users\ZEZELTO\Desktop\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://login.latinamweb.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll O4 - HKLM\..\Run: [USB antivírus] C:\Program Files (x86)\USB Disk Security\RunUSBGuard.exe O4 - HKLM\..\Run: [TVTray] C:\Program Files (x86)\ENLTV\TVTray.exe O4 - HKLM\..\Run: [TVTrayMCE] C:\PROGRA~2\ENLTV\TVTray.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" O4 - Startup: Start.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11172 bytes
  2. Analise de logs

    Boa tarde desculpe a demora em responder. Seque Log do MBAM. Malwarebytes www.malwarebytes.com -Detalhes de registro- Data da análise: 21/04/17 Hora da análise: 15:47 Arquivo de registro: anti virus.txt Administrador: Sim -Informação do software- Versão: 3.0.6.1469 Versão de componentes: 1.0.103 Versão do pacote de definições: 1.0.1777 Licença: Versão de avaliação -Informação do sistema- Sistema operacional: Windows 10 CPU: x64 Sistema de arquivos: NTFS Usuário: DESKTOP-RI07GG2\ZEZELTO -Resumo da análise- Tipo de análise: Análise de Ameaças Resultado: Concluído Objetos verificados: 432341 Tempo decorrido: 21 min, 57 seg -Opções da análise- Memória: Habilitado Inicialização: Habilitado Sistema de arquivos: Habilitado Arquivos compactados: Habilitado Rootkits: Habilitado Heurística: Habilitado PUP: Habilitado PUM: Habilitado -Detalhes da análise- Processo: 0 (Nenhum item malicioso detectado) Módulo: 0 (Nenhum item malicioso detectado) Chave de registro: 0 (Nenhum item malicioso detectado) Valor de registro: 0 (Nenhum item malicioso detectado) Dados de registro: 0 (Nenhum item malicioso detectado) Fluxo de dados: 0 (Nenhum item malicioso detectado) Pasta: 3 PUP.Optional.Solvusoft, C:\ProgramData\Solvusoft\Solvusoft Suite\Logs, Nenhuma ação do usuário, [349], [319820],1.0.1777 PUP.Optional.Solvusoft, C:\ProgramData\Solvusoft\Solvusoft Suite, Nenhuma ação do usuário, [349], [319820],1.0.1777 PUP.Optional.Solvusoft, C:\PROGRAMDATA\Solvusoft, Nenhuma ação do usuário, [349], [319820],1.0.1777 Arquivo: 1 PUP.Optional.Solvusoft, C:\ProgramData\Solvusoft\Solvusoft Suite\Logs\Service.log.txt, Nenhuma ação do usuário, [349], [319820],1.0.1777 Setor físico: 0 (Nenhum item malicioso detectado) Segue Log do Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:24:19, on 21/04/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10586.0873) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\agent.exe C:\Users\ZEZELTO\Desktop\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://login.latinamweb.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll O4 - HKLM\..\Run: [USB antivírus] C:\Program Files (x86)\USB Disk Security\RunUSBGuard.exe O4 - HKLM\..\Run: [TVTray] C:\Program Files (x86)\ENLTV\TVTray.exe O4 - HKLM\..\Run: [TVTrayMCE] C:\PROGRA~2\ENLTV\TVTray.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" O4 - Startup: Start.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iFunSoft Updater (iFunSoftUpdaterSvc) - iFunSoft - C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Solvusoft Suite Service - Solvusoft Corporation - C:\Program Files (x86)\Solvusoft\SuiteService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: YSearchUtilSvc - Yahoo Inc. - C:\Program Files (x86)\Yahoo!\yset\{122B9384-7F01-A648-8701-03BAB08F1EA4}\YSearchUtilSvc.exe -- End of file - 11870 bytes
  3. Analise de logs

    Já fiz todos os procedimentos solicitados no Tópico Oficial...Meu PC esta muito lento e travandoSegue meu Log para exame: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:57:34, on 16/04/2017 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10586.0873) Boot mode: Normal Running processes: C:\PROGRA~2\GbPlugin\GbpSv.exe C:\PROGRA~2\GbPlugin\GbpSv.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Users\ZEZELTO\Desktop\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://login.latinamweb.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll O4 - HKLM\..\Run: [USB antivírus] C:\Program Files (x86)\USB Disk Security\RunUSBGuard.exe O4 - HKLM\..\Run: [TVTray] C:\Program Files (x86)\ENLTV\TVTray.exe O4 - HKLM\..\Run: [TVTrayMCE] C:\PROGRA~2\ENLTV\TVTray.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445\..\Run: [ISUSPM Startup] "c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" -startup (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162308306\..\Run: [Akamai NetSession Interface] "C:\Users\ZEZELTO\AppData\Local\Akamai\netsession_win.exe" (User '?') O4 - HKUS\S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162308306\..\RunOnce: [Uninstall C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ZEZELTO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" (User '?') O4 - S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162157445 Startup: Start.lnk = ? (User '?') O4 - S-1-5-21-259142593-962520523-2691621642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04162017162308306 Startup: Start.lnk = ? (User '?') O4 - Startup: Start.lnk = ? O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O15 - Trusted Zone: http://www.bb.com.br O15 - Trusted Zone: http://www.caixa.gov.br O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iFunSoft Updater (iFunSoftUpdaterSvc) - iFunSoft - C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Solvusoft Suite Service - Solvusoft Corporation - C:\Program Files (x86)\Solvusoft\SuiteService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: YSearchUtilSvc - Yahoo Inc. - C:\Program Files (x86)\Yahoo!\yset\{122B9384-7F01-A648-8701-03BAB08F1EA4}\YSearchUtilSvc.exe -- End of file - 13703 bytes
  4. Analise de log Hijackthis

    Vlw amigo um grande abraço ok
  5. Analise de log Hijackthis

    Zoek.exe v5.0.0.0 Updated 23-March-2015 Tool run by Zezelto on 25/03/2015 at 6:41:14,85. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Zezelto\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2015-03-25-013324.log 2730 bytes ==== System Restore Info ====================== 25/03/2015 06:42:35 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-659561988-1454047286-3924272670-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3233CB5E-D530-4775-907E-EB11D130691F} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\prefs.js: Added to C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Deleted from C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\5xahgxb4.default\prefs.js: Added to C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\5xahgxb4.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_032015_0706_.backup ProfilePath: C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\5xahgxb4.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_032015_0706_.backup ==== Deleting Files \ Folders ====================== C:\DXSETUP.exe deleted C:\HijackThis.exe deleted C:\Users\Zezelto\AppData\Roaming\WB.CFG deleted C:\Users\Zezelto\AppData\Roaming\temp.ini deleted C:\Users\Zezelto\AppData\Roaming\FileShred.log deleted C:\PROGRA~3\FileSplitUpLoad.dll deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\InstallMate deleted C:\Users\Zezelto\Downloads\DeviceDoctor_Bundle.exe deleted C:\Users\Zezelto\Downloads\sysrc_trial.exe deleted C:\Users\Zezelto\Downloads\SoftonicDownloader_para_directx.exe deleted C:\Users\Zezelto\AppData\LocalLow\{56B95465-ED77-52A1-EC8E-84B6C0A27A3F} deleted C:\Users\Zezelto\AppData\LocalLow\{ED6BFA63-59CF-58BD-430F-944B133370FC} deleted C:\Users\Zezelto\AppData\LocalLow\ADSRemoval deleted C:\Users\Zezelto\AppData\LocalLow\SIEN SA deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\InstallUtil.InstallLog deleted "C:\Users\Zezelto\AppData\Roaming\CIYUNS" deleted "C:\Users\Zezelto\AppData\Roaming\NFYLOST" deleted "C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\5xahgxb4.default\extensions\iobitapps@mybrowserbar.com" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812 user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\5xahgxb4.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Proxy Settings ====================== ProfilePath: C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812 user_pref("network.proxy.autoconfig_url", "file://C:\\Users\\Zezelto\\appdata\\Local\\Temp\\ZEZELTO-PC.txt"); user_pref("network.proxy.type", 2); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23/03/2015 18:13] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812 - QuickJava - %ProfilePath%\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi - JavaScript Debugger - %ProfilePath%\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812 63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash F6D12679B9112358AC705A1308156F59 - C:\Users\Zezelto\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 16E021336015A88C338889517AC8FDBC - C:\Users\Zezelto\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll - IGG Web3D Updater NP Plugin for Mozilla 4C8F3B45A1C7AAC854DC80E5FD644591 - C:\Users\Zezelto\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll - JoyConnectShell NP Plugin for Mozilla ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23/03/2015 18:12] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - No path found[] Comodo Web Inspector - Zezelto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn surf and kkeep - Zezelto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fbilelocoegijpijfkblhnmgijnkkiib YoutubeAdblocker - Zezelto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lkcpjeokccfhhdaiggjiibchcgamcigl Skype Click to Call - Zezelto\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl undetermined - Zezelto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki undetermined - Zezelto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": " ==== Chromium Fix ====================== C:\Users\Zezelto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lkcpjeokccfhhdaiggjiibchcgamcigl deleted successfully C:\Users\Zezelto\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fbilelocoegijpijfkblhnmgijnkkiib deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {068443EE-D628-15AE-C844-0BF936CCB50E} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {D5A5F194-2541-47D4-92A1-2C9C8553C5DE} Google Url="https://www.google.com/search?q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Zezelto\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Zezelto\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully C:\Users\Zezelto\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Zezelto\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Zezelto\Desktop\AML Free Registry Cleaner.lnk - C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe C:\Users\Zezelto\Desktop\CrossFire AL.lnk - C:\Program Files (x86)\Z8Games\CrossFire BR\cfPT_launcher.exe C:\Users\Zezelto\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Zezelto\Desktop\Meu Computador.lnk - C:\Users\Zezelto\Desktop\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Zezelto\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Zezelto\Desktop\OS - Cubo Sistemas.lnk - C:\OS - Cubo Sistemas\OS - Cubo Sistemas.exe C:\Users\Zezelto\Desktop\Programa_ponyprog2000 - Atalho.lnk - C:\Users\Zezelto\Downloads\Programa_ponyprog2000.rar C:\Users\Zezelto\Desktop\Spybot - Search & Destroy.lnk - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe C:\Users\Zezelto\Desktop\Velocidade Do PC.lnk - C:\Program Files (x86)\Velocidade Do PC\PCSULauncher.exe C:\Users\Zezelto\Desktop\Wolfteam.lnk - C:\AeriaGames\Wolfteam\aeria_launcher.exe wt C:\Users\Zezelto\Desktop\Documents\Zezelto - Atalho.lnk - C:\Users\Zezelto C:\Users\Zezelto\Desktop\zeze\Google Drive.lnk - C:\Users\Zezelto\Google Drive ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\ Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Aeria Ignite.lnk - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe C:\Users\Public\Desktop\Avast Free antivírus.lnk - C:\Program Files (x86)\AVAST Software\Avast\avastui.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Game option.lnk - C:\Windows\USB Vibration\dr100&110\GameControler.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\MV RegClean 6.9.lnk - C:\Program Files (x86)\Marcos Velasco Security\MV RegClean 6.9\MVREGCLEAN.EXE C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8 C:\Users\Public\Desktop\Registry Recycler.lnk - C:\Program Files (x86)\Registry Recycler\RegistryRecycler.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Zezelto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Wolfteam\Get Aeria Points.lnk - C:\AeriaGames\Wolfteam\Get Aeria Points.URL C:\Users\Zezelto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Wolfteam\Play Wolfteam.lnk - C:\AeriaGames\Wolfteam\aeria_launcher.exe wt C:\Users\Zezelto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Wolfteam\Uninstall.lnk - C:\AeriaGames\Wolfteam\Uninst.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames\Wolfteam\Wolfteam Website.lnk - C:\AeriaGames\Wolfteam\Wolfteam Website.URL ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames\Ignite.lnk - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free antivírus.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Obter Ajuda.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visite Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Desinstalar Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Velocidade Do PC\Desinstalar Velocidade Do PC.lnk - C:\Program Files (x86)\Velocidade Do PC\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Velocidade Do PC\Velocidade Do PC.lnk - C:\Program Files (x86)\Velocidade Do PC\PCSULauncher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games\CrossFire BR\CrossFire AL.lnk - C:\Program Files (x86)\Z8Games\CrossFire BR\cfPT_launcher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games\CrossFire BR\Desinstalar crossfire.lnk - C:\Program Files (x86)\Z8Games\CrossFire BR\unins000.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk - C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Aeria Ignite.lnk - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Zezelto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyOverride"="<local>" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Zezelto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Zezelto\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\Zezelto\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=42 folders=20 13233528 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\Zezelto\AppData\Local\Temp will be emptied at reboot C:\Users\USURIO~1\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Zezelto\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on 25/03/2015 at 7:36:44,03 ====================== Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 07:39:59, on 25/03/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17344) Boot mode: Normal Running processes: C:\Windows\SysWOW64\notepad.exe C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Zezelto\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~2\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AML Registry Cleaner] C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe /min O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10466 bytes
  6. Analise de log Hijackthis

    Segue log: # AdwCleaner v4.112 - Logfile created 20/03/2015 at 22:52:19# Updated 09/03/2015 by Xplode# Database : 2015-03-15.1 [server]# Operating system : Windows 7 Ultimate Service Pack 1 (x64)# Username : Zezelto - ZEZELTO-PC# Running from : C:\Users\Zezelto\Downloads\adwcleaner_4.112.exe# Option : Cleaning ***** [ Services ] ***** [#] Service Deleted : qrnfd_1_10_0_9 ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\baiduFolder Deleted : C:\ProgramData\IHProtectUpDateFolder Deleted : C:\Program Files (x86)\predmFolder Deleted : C:\Program Files (x86)\XTabFolder Deleted : C:\Program Files (x86)\GU PlayerFolder Deleted : C:\Users\Zezelto\AppData\Local\SmartWebFolder Deleted : C:\Users\Zezelto\AppData\Roaming\AnyProtectExFolder Deleted : C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\Extensions\fftoolbar2014@etech.comFolder Deleted : C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\Extensions\searchengine@gmail.comFolder Deleted : C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\Extensions\istart_ffnt@gmail.comFile Deleted : C:\ProgramData\Duplicaterecord.jsFile Deleted : C:\Windows\System32\drivers\Msft_Kernel_webinstrNHKT_01009.WdfFile Deleted : C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\5xahgxb4.default\user.js ***** [ Scheduled tasks ] ***** Task Deleted : APSnotifierPP1Task Deleted : APSnotifierPP2Task Deleted : APSnotifierPP3Task Deleted : SmartWeb Upgrade Trigger Task ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Mozilla\ExtendsKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}Key Deleted : HKCU\Software\AnyProtectKey Deleted : HKCU\Software\InstalledBrowserExtensionsKey Deleted : HKCU\Software\GAMESDESKTOPKey Deleted : HKCU\Software\AppDataLow\Software\CheckMeUpKey Deleted : HKLM\SOFTWARE\AskPartnerNetworkKey Deleted : HKLM\SOFTWARE\ConduitKey Deleted : HKLM\SOFTWARE\InstalledBrowserExtensionsKey Deleted : HKLM\SOFTWARE\SearchProtectKey Deleted : HKLM\SOFTWARE\BaiduKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackageKey Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensionsKey Deleted : [x64] HKLM\SOFTWARE\BubbleSoundData Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local> ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17689 -\\ Mozilla Firefox v35.0.1 (x86 pt-BR) [2t7vd3nj.default-1354908366812\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "mystartsearch");[2t7vd3nj.default-1354908366812\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");[2t7vd3nj.default-1354908366812\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "mystartsearch");[2t7vd3nj.default-1354908366812\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms}");[2t7vd3nj.default-1354908366812\prefs.js] - Line Deleted : user_pref("extensions.enabledAddons", "fftoolbar2014%40etech.com:1.0.0.1025,fftoolbar2014%40etech.com:1.0.0.1025,istart_ffnt%40gmail.com:5.3.7,searchengine%40gmail.com:1.0.0.1027,%7B972ce4c6-7e08-4474[...] -\\ Google Chrome v41.0.2272.89 [C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.hao123.com/s?tn=SE_garavast_6upp6eh1&cid=avastbcl&ie=utf-8&wd={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms} -\\ Comodo Dragon v [C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.hao123.com/s?tn=SE_garavast_6upp6eh1&cid=avastbcl&ie=utf-8&wd={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms} -\\ Opera v0.0.0.0 [C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.hao123.com/s?tn=SE_garavast_6upp6eh1&cid=avastbcl&ie=utf-8&wd={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms} ************************* AdwCleaner[R0].txt - [16096 bytes] - [23/10/2013 08:58:56]AdwCleaner[R10].txt - [6316 bytes] - [20/03/2015 22:34:48]AdwCleaner[R1].txt - [23462 bytes] - [09/07/2014 07:49:54]AdwCleaner[R2].txt - [1339 bytes] - [10/07/2014 08:51:03]AdwCleaner[R3].txt - [1399 bytes] - [17/07/2014 14:09:34]AdwCleaner[R4].txt - [5884 bytes] - [31/10/2014 22:45:29]AdwCleaner[R5].txt - [1569 bytes] - [31/10/2014 22:52:17]AdwCleaner[R6].txt - [2112 bytes] - [03/11/2014 17:29:33]AdwCleaner[R7].txt - [2232 bytes] - [06/11/2014 11:53:15]AdwCleaner[R8].txt - [3712 bytes] - [09/11/2014 21:41:53]AdwCleaner[R9].txt - [4220 bytes] - [16/03/2015 21:55:35]AdwCleaner[s0].txt - [15731 bytes] - [23/10/2013 09:00:42]AdwCleaner[s1].txt - [21809 bytes] - [09/07/2014 07:51:01]AdwCleaner[s2].txt - [5462 bytes] - [31/10/2014 22:47:36]AdwCleaner[s3].txt - [2044 bytes] - [31/10/2014 22:53:46]AdwCleaner[s4].txt - [2162 bytes] - [03/11/2014 17:30:58]AdwCleaner[s5].txt - [2282 bytes] - [06/11/2014 11:54:44]AdwCleaner[s6].txt - [4274 bytes] - [16/03/2015 21:58:03]AdwCleaner[s7].txt - [7939 bytes] - [20/03/2015 22:52:19] ########## EOF - C:\AdwCleaner\AdwCleaner[s7].txt - [7998 bytes] ########### AdwCleaner v4.113 - Logfile created 24/03/2015 at 18:48:32# Updated 22/03/2015 by Xplode# Database : 2015-03-23.1 [server]# Operating system : Windows 7 Ultimate Service Pack 1 (x64)# Username : Zezelto - ZEZELTO-PC# Running from : C:\Users\Zezelto\Desktop\AdwCleaner (1).exe# Option : Cleaning ***** [ Services ] ***** [#] Service Deleted : SCService ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files (x86)\RBMFolder Deleted : C:\Users\Zezelto\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]Key Deleted : HKLM\SOFTWARE\Classes\PCSU.RegistryKey Deleted : HKLM\SOFTWARE\Classes\PCSU.SysUtilsKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]Key Deleted : HKCU\Software\Speedchecker LimitedKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local> ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17344 -\\ Mozilla Firefox v35.0.1 (x86 pt-BR) -\\ Google Chrome v41.0.2272.89 -\\ Comodo Dragon v -\\ Opera v0.0.0.0 ************************* AdwCleaner[R0].txt - [16096 bytes] - [23/10/2013 08:58:56]AdwCleaner[R10].txt - [9853 bytes] - [20/03/2015 22:34:48]AdwCleaner[R11].txt - [3384 bytes] - [24/03/2015 18:46:30]AdwCleaner[R1].txt - [23462 bytes] - [09/07/2014 07:49:54]AdwCleaner[R2].txt - [1339 bytes] - [10/07/2014 08:51:03]AdwCleaner[R3].txt - [1399 bytes] - [17/07/2014 14:09:34]AdwCleaner[R4].txt - [5884 bytes] - [31/10/2014 22:45:29]AdwCleaner[R5].txt - [1569 bytes] - [31/10/2014 22:52:17]AdwCleaner[R6].txt - [2112 bytes] - [03/11/2014 17:29:33]AdwCleaner[R7].txt - [2232 bytes] - [06/11/2014 11:53:15]AdwCleaner[R8].txt - [3712 bytes] - [09/11/2014 21:41:53]AdwCleaner[R9].txt - [4220 bytes] - [16/03/2015 21:55:35]AdwCleaner[s0].txt - [15731 bytes] - [23/10/2013 09:00:42]AdwCleaner[s1].txt - [21809 bytes] - [09/07/2014 07:51:01]AdwCleaner[s2].txt - [5462 bytes] - [31/10/2014 22:47:36]AdwCleaner[s3].txt - [2044 bytes] - [31/10/2014 22:53:46]AdwCleaner[s4].txt - [2162 bytes] - [03/11/2014 17:30:58]AdwCleaner[s5].txt - [2282 bytes] - [06/11/2014 11:54:44]AdwCleaner[s6].txt - [4274 bytes] - [16/03/2015 21:58:03]AdwCleaner[s7].txt - [11317 bytes] - [20/03/2015 22:52:19] ########## EOF - C:\AdwCleaner\AdwCleaner[s7].txt - [11377 bytes] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.4.6 (03.22.2015:1)OS: Windows 7 Ultimate x64Ran by Zezelto on 24/03/2015 at 18:54:08,05~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A75ADC9F-1B92-44A9-9CCC-5DE50BC5A91B} ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 24/03/2015 at 19:01:29,95End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Logfile of Trend Micro HijackThis v2.0.4Scan saved at 19:04:55, on 24/03/2015Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17344)Boot mode: Normal Running processes:C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Users\Zezelto\Desktop\JRT.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\notepad.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Zezelto\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dllO4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [AML Registry Cleaner] C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe /minO4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe"O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITORO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 10291 bytes
  7. Analise de log Hijackthis

    Segue log mbam: Malwarebytes Anti-Malwarewww.malwarebytes.org Data da Verificação: 24/03/2015Hora da Verificação: 10:41:56Arquivo de Log: mbam.txtAdministrador: Sim Versão: 2.00.4.1028Base de Dados de Malware: v2015.03.24.05Base de Dados de Rootkit: v2015.02.25.01Licença: GrátisProteção de Malware: DesabilitadoProteção de Site Malicioso: DesabilitadoAuto-Proteção: Desabilitado SO: Windows 7 Service Pack 1Processador: x64Sistema de Arquivos: NTFSUsuário: Zezelto Tipo da Verificação: Verificar AmeaçaResultado: TerminadoObjetos Verificados: 363316Tempo Decorrido: 13 min, 56 seg Memória: HabilitadoInicialização: HabilitadoSistema de Arquivos: HabilitadoArquivos Compactados: HabilitadoRootkits: DesabilitadoHeurística: HabilitadoPUP: AvisoPUM: Habilitado Processos: 0(Nenhum item malicioso detectado) Módulos: 0(Nenhum item malicioso detectado) Chaves de Registro: 2PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\Speedchecker Limited, Quarentena, [193c292093f72b0b755f31930300ea16], PUP.Optional.SpeedChecker.A, HKLM\SOFTWARE\WOW6432NODE\Speedchecker Limited, Quarentena, [00554603c8c2350124b0853f7a89659b], Valores de Registro: 0(Nenhum item malicioso detectado) Dados de Registro: 0(Nenhum item malicioso detectado) Pastas: 1PUP.Optional.Cinema.A, C:\Program Files (x86)\CinemaP-1.9cV20.03, Quarentena, [ed684306692178bedad4cccb8b784eb2], Arquivos: 1PUP.Optional.DownloadAdmin, C:\Users\Zezelto\Downloads\mp3rocket (2).exe, Quarentena, [3d18e267e5a51a1c793992c6a95725db], Setores Físicos: 0(Nenhum item malicioso detectado) (end) Log hijackthis: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 11:06:15, on 24/03/2015Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17344)Boot mode: Normal Running processes:C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exeC:\Program Files (x86)\Velocidade Do PC\PCSUNotifier.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Zezelto\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [AML Registry Cleaner] C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe /minO4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe"O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITORO4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Velocidade Do PC\PCSUNotifier.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: SpeedChecker Service (SCService) - Unknown owner - C:\Program Files (x86)\Velocidade Do PC\SpeedCheckerService.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 10739 bytes
  8. Analise de log Hijackthis

    amigo fiz todos os procedimentos iniciais segue abaixo log do Hijackthis: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 22:08:41, on 23/03/2015Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17344)Boot mode: Normal Running processes:C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Velocidade Do PC\PCSUNotifier.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [AML Registry Cleaner] C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe /minO4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe"O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITORO4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Velocidade Do PC\PCSUNotifier.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: SpeedChecker Service (SCService) - Unknown owner - C:\Program Files (x86)\Velocidade Do PC\SpeedCheckerService.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 10410 bytes Obs:computador está muito lento e travando muito ok
  9. solicito análise de log do hijackthis

    Segue abaixo log do adwcleaner: # AdwCleaner v4.112 - Logfile created 20/03/2015 at 22:34:48# Updated 09/03/2015 by Xplode# Database : 2015-03-15.1 [server]# Operating system : Windows 7 Ultimate Service Pack 1 (x64)# Username : Zezelto - ZEZELTO-PC# Running from : C:\Users\Zezelto\Downloads\adwcleaner_4.112.exe# Option : Scan ***** [ Services ] ***** Service Found : qrnfd_1_10_0_9 ***** [ Files / Folders ] ***** File Found : C:\ProgramData\Duplicaterecord.jsFile Found : C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\5xahgxb4.default\user.jsFile Found : C:\Windows\System32\drivers\Msft_Kernel_webinstrNHKT_01009.WdfFolder Found : C:\Program Files (x86)\GU PlayerFolder Found : C:\Program Files (x86)\predmFolder Found : C:\Program Files (x86)\XTabFolder Found : C:\ProgramData\baiduFolder Found : C:\ProgramData\IHProtectUpDateFolder Found : C:\Users\Zezelto\AppData\Local\SmartWebFolder Found : C:\Users\Zezelto\AppData\Roaming\AnyProtectExFolder Found : C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\Extensions\fftoolbar2014@etech.comFolder Found : C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\Extensions\istart_ffnt@gmail.comFolder Found : C:\Users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\Extensions\searchengine@gmail.com ***** [ Scheduled tasks ] ***** Task Found : APSnotifierPP1Task Found : APSnotifierPP2Task Found : APSnotifierPP3Task Found : SmartWeb Upgrade Trigger Task ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>Key Found : HKCU\Software\AnyProtectKey Found : HKCU\Software\AppDataLow\Software\CheckMeUpKey Found : HKCU\Software\GAMESDESKTOPKey Found : HKCU\Software\InstalledBrowserExtensionsKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectKey Found : HKCU\Software\Mozilla\ExtendsKey Found : [x64] HKCU\Software\AnyProtectKey Found : [x64] HKCU\Software\GAMESDESKTOPKey Found : [x64] HKCU\Software\InstalledBrowserExtensionsKey Found : HKLM\SOFTWARE\AskPartnerNetworkKey Found : HKLM\SOFTWARE\BaiduKey Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}Key Found : HKLM\SOFTWARE\ConduitKey Found : HKLM\SOFTWARE\InstalledBrowserExtensionsKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtectKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackageKey Found : HKLM\SOFTWARE\SearchProtectKey Found : [x64] HKLM\SOFTWARE\BubbleSoundKey Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17689 -\\ Mozilla Firefox v35.0.1 (x86 pt-BR) [2t7vd3nj.default-1354908366812] - Line Found : user_pref("browser.search.searchengine.alias", "mystartsearch");[2t7vd3nj.default-1354908366812] - Line Found : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");[2t7vd3nj.default-1354908366812] - Line Found : user_pref("browser.search.searchengine.name", "mystartsearch");[2t7vd3nj.default-1354908366812] - Line Found : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms}");[2t7vd3nj.default-1354908366812] - Line Found : user_pref("extensions.enabledAddons", "fftoolbar2014%40etech.com:1.0.0.1025,fftoolbar2014%40etech.com:1.0.0.1025,istart_ffnt%40gmail.com:5.3.7,searchengine%40gmail.com:1.0.0.1027,%7B972ce4c6-7e08-4474[...] -\\ Google Chrome v41.0.2272.89 [C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.hao123.com/s?tn=SE_garavast_6upp6eh1&cid=avastbcl&ie=utf-8&wd={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms}[C:\Users\Zezelto\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1426888796&from=slbnew&uid=SAMSUNGXHD753LJ_S1VDJ50S402851&q={searchTerms} -\\ Comodo Dragon v -\\ Opera v0.0.0.0 ************************* AdwCleaner[R0].txt - [16096 bytes] - [23/10/2013 08:58:56]AdwCleaner[R10].txt - [5201 bytes] - [20/03/2015 22:34:48]AdwCleaner[R1].txt - [23462 bytes] - [09/07/2014 07:49:54]AdwCleaner[R2].txt - [1339 bytes] - [10/07/2014 08:51:03]AdwCleaner[R3].txt - [1399 bytes] - [17/07/2014 14:09:34]AdwCleaner[R4].txt - [5884 bytes] - [31/10/2014 22:45:29]AdwCleaner[R5].txt - [1569 bytes] - [31/10/2014 22:52:17]AdwCleaner[R6].txt - [2112 bytes] - [03/11/2014 17:29:33]AdwCleaner[R7].txt - [2232 bytes] - [06/11/2014 11:53:15]AdwCleaner[R8].txt - [3712 bytes] - [09/11/2014 21:41:53]AdwCleaner[R9].txt - [4220 bytes] - [16/03/2015 21:55:35]AdwCleaner[s0].txt - [15731 bytes] - [23/10/2013 09:00:42]AdwCleaner[s1].txt - [21809 bytes] - [09/07/2014 07:51:01]AdwCleaner[s2].txt - [5462 bytes] - [31/10/2014 22:47:36]AdwCleaner[s3].txt - [2044 bytes] - [31/10/2014 22:53:46]AdwCleaner[s4].txt - [2162 bytes] - [03/11/2014 17:30:58]AdwCleaner[s5].txt - [2282 bytes] - [06/11/2014 11:54:44]AdwCleaner[s6].txt - [4274 bytes] - [16/03/2015 21:58:03] ########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [6208 bytes] ########### AdwCleaner v4.113 - Logfile created 23/03/2015 at 21:01:25# Updated 22/03/2015 by Xplode# Database : 2015-03-23.1 [server]# Operating system : Windows 7 Ultimate Service Pack 1 (x64)# Username : Zezelto - ZEZELTO-PC# Running from : C:\Users\Zezelto\Desktop\AdwCleaner (1).exe# Option : Scan ***** [ Services ] ***** Service Found : pcsuserviceService Found : SCService ***** [ Files / Folders ] ***** Folder Found : C:\Program Files (x86)\RBMFolder Found : C:\ProgramData\baiduFolder Found : C:\Users\Zezelto\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp ***** [ Scheduled tasks ] ***** Task Found : PC SpeedUp Service Deactivator ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}Key Found : HKCU\Software\Speedchecker LimitedKey Found : [x64] HKCU\Software\Speedchecker LimitedKey Found : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}Key Found : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}Key Found : HKLM\SOFTWARE\Classes\PCSU.RegistryKey Found : HKLM\SOFTWARE\Classes\PCSU.SysUtilsKey Found : HKLM\SOFTWARE\Speedchecker LimitedKey Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1Key Found : [x64] HKLM\SOFTWARE\Speedchecker LimitedValue Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}] ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17344 -\\ Mozilla Firefox v35.0.1 (x86 pt-BR) -\\ Google Chrome v41.0.2272.89 -\\ Comodo Dragon v -\\ Opera v0.0.0.0 ************************* AdwCleaner[R0].txt - [16096 bytes] - [23/10/2013 08:58:56]AdwCleaner[R10].txt - [8687 bytes] - [20/03/2015 22:34:48]AdwCleaner[R1].txt - [23462 bytes] - [09/07/2014 07:49:54]AdwCleaner[R2].txt - [1339 bytes] - [10/07/2014 08:51:03]AdwCleaner[R3].txt - [1399 bytes] - [17/07/2014 14:09:34]AdwCleaner[R4].txt - [5884 bytes] - [31/10/2014 22:45:29]AdwCleaner[R5].txt - [1569 bytes] - [31/10/2014 22:52:17]AdwCleaner[R6].txt - [2112 bytes] - [03/11/2014 17:29:33]AdwCleaner[R7].txt - [2232 bytes] - [06/11/2014 11:53:15]AdwCleaner[R8].txt - [3712 bytes] - [09/11/2014 21:41:53]AdwCleaner[R9].txt - [4220 bytes] - [16/03/2015 21:55:35]AdwCleaner[s0].txt - [15731 bytes] - [23/10/2013 09:00:42]AdwCleaner[s1].txt - [21809 bytes] - [09/07/2014 07:51:01]AdwCleaner[s2].txt - [5462 bytes] - [31/10/2014 22:47:36]AdwCleaner[s3].txt - [2044 bytes] - [31/10/2014 22:53:46]AdwCleaner[s4].txt - [2162 bytes] - [03/11/2014 17:30:58]AdwCleaner[s5].txt - [2282 bytes] - [06/11/2014 11:54:44]AdwCleaner[s6].txt - [4274 bytes] - [16/03/2015 21:58:03]AdwCleaner[s7].txt - [8094 bytes] - [20/03/2015 22:52:19] ########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [9753 bytes] ########## Segue abaixo log do jrt: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.4.6 (03.22.2015:1)OS: Windows 7 Ultimate x64Ran by Zezelto on 23/03/2015 at 21:07:18,57~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\pcspeedup ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update rightsurfSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update serialtruncSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util rightsurfSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util serialtruncSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A75ADC9F-1B92-44A9-9CCC-5DE50BC5A91B} ~~~ Files Successfully deleted: [File] C:\Windows\Tasks\PC SpeedUp Service Deactivator.job ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\baidu"Successfully deleted: [Folder] "C:\ProgramData\baidu security"Successfully deleted: [Folder] "C:\Users\Zezelto\AppData\Roaming\baidu security"Successfully deleted: [Folder] "C:\Program Files (x86)\baidu security"Successfully deleted: [Folder] "C:\Users\Zezelto\AppData\Roaming\microsoft\windows\start menu\programs\baidu PC faster"Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"Successfully deleted: [Empty Folder] C:\Users\Zezelto\appdata\local\{11A35A28-83CE-4C89-B9C0-AACE0650A684} ~~~ FireFox Emptied folder: C:\Users\Zezelto\AppData\Roaming\mozilla\firefox\profiles\2t7vd3nj.default-1354908366812\minidumps [9 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 23/03/2015 at 21:16:40,81End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Segue abaixo log do hijackthis: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 21:19:44, on 23/03/2015Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17344)Boot mode: Normal Running processes:C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exeC:\Users\Zezelto\Desktop\JRT.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\SysWOW64\notepad.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Zezelto\Desktop\HijackThis (4).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [AML Registry Cleaner] C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe /minO4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe"O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITORO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Velocidade Do PC\PCSUService.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: SpeedChecker Service (SCService) - Unknown owner - C:\Program Files (x86)\Velocidade Do PC\SpeedCheckerService.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 10711 bytes
  10. solicito análise de log do hijackthis

    eis abaixo o log: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 20:04:12, on 23/03/2015Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17344)Boot mode: Normal Running processes:C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Program Files (x86)\Velocidade Do PC\PCSUNotifier.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exeC:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Zezelto\Desktop\HijackThis (4).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dllO3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [AML Registry Cleaner] C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe /minO4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe"O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITORO4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Velocidade Do PC\PCSUNotifier.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~2\SDHelper.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} - O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: Avast antivírus (avast! antivírus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Velocidade Do PC\PCSUService.exeO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeO23 - Service: SpeedChecker Service (SCService) - Unknown owner - C:\Program Files (x86)\Velocidade Do PC\SpeedCheckerService.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 10645 bytes
  11. Segue log do mbam: Malwarebytes Anti-Malware www.malwarebytes.org Data da Verificação: 10/11/2014Hora da Verificação: 20:58:46Arquivo de Log: mabam.txtAdministrador: Sim Versão: 2.00.3.1025Base de Dados de Malware: v2014.11.10.10Base de Dados de Rootkit: v2014.11.10.01Licença: GrátisProteção de Malware: DesabilitadoProteção de Site Malicioso: DesabilitadoAuto-Proteção: Desabilitado SO: Windows 7 Service Pack 1Processador: x64Sistema de Arquivos: NTFSUsuário: Zezelto Tipo da Verificação: Verificar AmeaçaResultado: TerminadoObjetos Verificados: 346246Tempo Decorrido: 21 min, 51 seg Memória: HabilitadoInicialização: HabilitadoSistema de Arquivos: HabilitadoArquivos Compactados: HabilitadoRootkits: HabilitadoHeurística: HabilitadoPUP: HabilitadoPUM: Habilitado Processos: 0(Nenhum item malicioso detectado) Módulos: 0(Nenhum item malicioso detectado) Chaves de Registro: 0(Nenhum item malicioso detectado) Valores de Registro: 0(Nenhum item malicioso detectado) Dados de Registro: 0(Nenhum item malicioso detectado) Pastas: 0(Nenhum item malicioso detectado) Arquivos: 0(Nenhum item malicioso detectado) Setores Físicos: 0(Nenhum item malicioso detectado) (end) Segue log do hijackthis: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 21:43:18, on 10/11/2014Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17344)Boot mode: Normal Running processes:C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files\AVAST Software\Avast\avastui.exeC:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Users\Zezelto\Desktop\HijackThis (4).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dllO4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [AML Registry Cleaner] C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe /minO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe"O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITORO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO15 - Trusted Zone: http://*.aeriagames.comO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: avast! antivírus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 9833 bytes
  12. Amigo já fiz todos os procedimentos inicias e gostarim que me ajudasse a descobrir o que está acontecendo com meu PC ok ele anda meio lento e não sei o que fazer . to achando que é virus ok segue log do hijackthis: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 18:06:48, on 10/11/2014Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v10.0 (10.00.9200.16843)Boot mode: Normal Running processes:C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exeC:\Program Files\AVAST Software\Avast\avastui.exeC:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Users\Zezelto\Desktop\HijackThis (4).exeC:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dllO4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [AML Registry Cleaner] C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe /minO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe"O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITORO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO15 - Trusted Zone: http://*.aeriagames.comO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: avast! antivírus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 9644 bytes
  13. o que fazer para formatar meu PC ?

    meu PC anda meio lento estou achando que preciso formatar ele mas não sei como,alguém poderia me ajudar a fazer isoo?
  14. Amigo fiz tudo que você me disse ok Obs:você poderia me dizer quais eram os vírus que estavam no meu PC? Muito obrigado !!!!!!!!!
  15. Logfile of Trend Micro HijackThis v2.0.4Scan saved at 17:21:20, on 09/07/2014Platform: Windows 7 SP1 (WinNT 6.00.3505)MSIE: Internet Explorer v11.0 (11.00.9600.17126)Boot mode: Normal Running processes:C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files\AVAST Software\Avast\avastui.exeC:\Users\Zezelto\Desktop\HijackThis (3).exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com.br/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.comR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLLO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silentO4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /noguiO4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exeO4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zezelto\AppData\Local\Akamai\netsession_win.exe"O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunO4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEO8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllO9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO15 - Trusted Zone: http://*.aeriagames.comO17 - HKLM\System\CCS\Services\Tcpip\..\{99E2AE96-65A8-439A-8B15-27D296AACE06}: NameServer = 208.67.222.222,208.67.220.220O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: avast! antivírus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --End of file - 9619 bytes O combo fix vou ter que mandar por partes pois ficou muito extenso ok 1)parte ComboFix 14-07-08.01 - Zezelto 09/07/2014 16:58:23.4.2 - x64Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.4086.2058 [GMT -4:00]Executando de: c:\users\Zezelto\Desktop\ComboFix.exeComandos utilizados :: c:\users\Zezelto\Desktop\CFScript.txt.txtAV: avast! antivírus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}FW: avast! antivírus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}SP: avast! antivírus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.FILE ::"c:\arquivos de programas\Baidu Security\Baidu antivírus\BavShx.dll""c:\arquivos de programas\Baidu Security\Baidu antivírus\BavTray.exe""c:\arquivos de programas\Baidu Security\Baidu antivírus\BdCameraProtect.sys""c:\program files (x86)\Baidu Security\Baidu antivírus\BdApiUtil64.sys""c:\program files (x86)\Baidu Security\Baidu antivírus\BdCameraProtect64.sys""c:\program files (x86)\Baidu Security\Baidu antivírus\Spring64.sys""c:\program files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys""c:\program files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys""c:\program files\Baidu Security\PC Faster\4.0.0.0\PCFaster.exe""c:\windows\system32\drivers\bnbasex64.sys""c:\windows\System32\drivers\Bfilter.sys""c:\windows\System32\drivers\Bfmon.sys""c:\windows\System32\drivers\Bhbase.sys""c:\windows\System32\drivers\BHipsEx.sys""c:\windows\system32\drivers\bnbasex64.sys""c:\windows\System32\drivers\bndef.sys""c:\windows\System32\drivers\bndef64.sys""c:\windows\System32\drivers\Bprotect.sys""c:\windows\System32\drivers\BprotectEx.sys""c:\windows\system32\DRIVERS\mvavpd.sys"..((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))..c:\program files (x86)\Baidu Securityc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aebb.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aecore.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aecrypto.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aedroid.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aeemu.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aeexp.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aegen.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aehelp.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aeheur.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aelibinf.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aelidb.datc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aemobile.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aeoffice.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aepack.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aerdl.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aesbx.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aescn.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aescript.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aeset.datc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aevdf.datc:\program files (x86)\Baidu Security\Baidu antivírus\avira\aevdf.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avengine.inic:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate.confc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate.exec:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate.logc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\ave2\win32\int\aeexp.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\ave2\win32\int\aeheur.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\ave2\win32\int\aeoffice.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\ave2\win32\int\aepack.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\ave2\win32\int\aescript.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\ave2\win32\int\aeset.datc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\aevdf.datc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase008.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase009.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase010.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase011.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase012.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase013.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase014.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase015.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase016.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase017.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase018.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase019.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase020.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase021.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase022.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase023.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase024.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase025.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase026.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase027.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase028.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase029.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase030.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_backup\n_vdf\vbase031.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\avupdate_msg.avrc:\program files (x86)\Baidu Security\Baidu antivírus\avira\HBEDV.KEYc:\program files (x86)\Baidu Security\Baidu antivírus\avira\idx\master.idxc:\program files (x86)\Baidu Security\Baidu antivírus\avira\Microsoft.VC90.CRT.manifestc:\program files (x86)\Baidu Security\Baidu antivírus\avira\Mname\AV-malware-names-1532-ghkFb3c:\program files (x86)\Baidu Security\Baidu antivírus\avira\msvcr90.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\savapi3.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\unacev2.dllc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase000.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase001.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase002.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase003.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase004.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase005.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase006.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase007.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase008.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase009.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase010.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase011.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase012.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase013.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase014.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase015.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase016.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase017.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase018.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase019.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase020.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase021.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase022.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase023.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase024.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase025.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase026.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase027.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase028.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase029.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase030.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\avira\vbase031.vdfc:\program files (x86)\Baidu Security\Baidu antivírus\Bav.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavAs.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavBase.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavBh.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavBsReport.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavClean.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavCloud.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavCns.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavCommon.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavCs.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavDllFilter.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavDs.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavFi.dllc:\program files (x86)\Baidu Security\Baidu antivírus\bavhm.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavIPC.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavLib.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavLSP.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavMem.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavNp.exec:\program files (x86)\Baidu Security\Baidu antivírus\Bavnt.dllc:\program files (x86)\Baidu Security\Baidu antivírus\Bavnt64.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavOa.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavPe.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavPluginRemove.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavQv.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavR3Base.sysc:\program files (x86)\Baidu Security\Baidu antivírus\BavR3Base64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\BavScan.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavShx.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavShx64.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavSig.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavSk.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavSs.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavSu.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BAVSvc.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavTray.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavUa.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavUl.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavUm.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavUm64.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavUp.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavUpdateInfo.inic:\program files (x86)\Baidu Security\Baidu antivírus\BavUpdater.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavVt.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BavWebClient.exec:\program files (x86)\Baidu Security\Baidu antivírus\BavWl.datc:\program files (x86)\Baidu Security\Baidu antivírus\BavWl.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BdApiUtil.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BdApiUtil.sysc:\program files (x86)\Baidu Security\Baidu antivírus\BdApiUtil64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\BdCameraProtect.sysc:\program files (x86)\Baidu Security\Baidu antivírus\BdCameraProtect64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\bdMiniDownloaderGB_BAV-Mini_32_1002.exec:\program files (x86)\Baidu Security\Baidu antivírus\BDrvComm.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BETManger.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BETMData\History.datc:\program files (x86)\Baidu Security\Baidu antivírus\BEVMApi001.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BEVMEngine.dllc:\program files (x86)\Baidu Security\Baidu antivírus\Bfilter.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bfilter64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bfmon.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bfmon64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\bh.datc:\program files (x86)\Baidu Security\Baidu antivírus\Bhbase.sysc:\program files (x86)\Baidu Security\Baidu antivírus\BHipsConfig.inic:\program files (x86)\Baidu Security\Baidu antivírus\BHipsCore.dllc:\program files (x86)\Baidu Security\Baidu antivírus\BHipsSvc.exec:\program files (x86)\Baidu Security\Baidu antivírus\bhr.datc:\program files (x86)\Baidu Security\Baidu antivírus\bhw.datc:\program files (x86)\Baidu Security\Baidu antivírus\Bnbase.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bnbasex.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bnbasex64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bndef.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bndef64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bprotect.sysc:\program files (x86)\Baidu Security\Baidu antivírus\Bprotect64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\CheckNetwork.exec:\program files (x86)\Baidu Security\Baidu antivírus\CloudDefense.dllc:\program files (x86)\Baidu Security\Baidu antivírus\Communication.dllc:\program files (x86)\Baidu Security\Baidu antivírus\config.inic:\program files (x86)\Baidu Security\Baidu antivírus\CP.dllc:\program files (x86)\Baidu Security\Baidu antivírus\CrashReport.exec:\program files (x86)\Baidu Security\Baidu antivírus\CrashReport64.exec:\program files (x86)\Baidu Security\Baidu antivírus\CrashUL.exec:\program files (x86)\Baidu Security\Baidu antivírus\data\ac.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\ag.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\cdcfg.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\ep.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\er.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\fs.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\hr.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\hsc.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\kp.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\mn.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\qs.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\rl.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\rr.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\sb.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\sbr.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\sgf.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\sw.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\tg.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\tr.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\ub.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\uf.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\ufo.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\up.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\uu.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\uw.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\vf.datc:\program files (x86)\Baidu Security\Baidu antivírus\data\vr.datc:\program files (x86)\Baidu Security\Baidu antivírus\dbg64\dbghelp.dllc:\program files (x86)\Baidu Security\Baidu antivírus\dbgeng.dllc:\program files (x86)\Baidu Security\Baidu antivírus\dbghelp.dllc:\program files (x86)\Baidu Security\Baidu antivírus\DirectUI.dllc:\program files (x86)\Baidu Security\Baidu antivírus\DrvInst.dllc:\program files (x86)\Baidu Security\Baidu antivírus\dump\bugreportconfig.inic:\program files (x86)\Baidu Security\Baidu antivírus\fa.datc:\program files (x86)\Baidu Security\Baidu antivírus\feedback.exec:\program files (x86)\Baidu Security\Baidu antivírus\FileShredder.exec:\program files (x86)\Baidu Security\Baidu antivírus\HackerDefense.dllc:\program files (x86)\Baidu Security\Baidu antivírus\HipsDR.dllc:\program files (x86)\Baidu Security\Baidu antivírus\HipsDR.inic:\program files (x86)\Baidu Security\Baidu antivírus\HipsHB.dllc:\program files (x86)\Baidu Security\Baidu antivírus\HipsHp.dllc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavCloud\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavCloud\skin\main\btn_cloud_add_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavCloud\skin\main\btn_cloud_add_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavCloud\skin\main\btn_cloud_add_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavCloud\skin\main\enultrafast.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavCloud\skin\main\risky.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavCloud\skin\main\safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavCloud\skin\main\unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavPluginRemove\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\black_pop_detected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\black_pop_excluded.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\black_pop_suessfully.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\dl_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\dl_safe_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\dl_scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\dl_threat.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\dl_threat_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavTray\skin\menu_item_background.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\guide_welcome.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\GuideSlice_5_1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\GuideSlice_6.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\GuideSlice_7_BrowserProtect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\GuideSlice_7_ScanNow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\main_title_canceled.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\main_title_nolastscan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\main_title_noprocess.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\main_title_noscanlongtime.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\main_title_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\main_tools_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\offBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\offBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\onBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\onBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\ProcessCustomScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\ProcessFullScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\ProcessQuickScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\ProcessRightmenuScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\real_time.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\summary_top_safe_text.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUi\skin\antivírus\UserGuide_protect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUpdater\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\BavUpdater\skin\en_reboot_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\context\context.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\feedback\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\feedback\skin\main-feedback_tittle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\feedback\skin\SUBMIT_bg2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_AddFiles_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_AddFiles_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_AddFiles_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_done_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_done_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_done_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_shred_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_shred_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\btn_shred_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\button_history_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\button_history_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\fileshredder\skin\button_history_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\Font\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ieprotect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ieprotect\skin\lockClosed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ieprotect\skin\lockOpen.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ieprotect\skin\safeicon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ieprotect\skin\setbtn_off_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ieprotect\skin\setbtn_off_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ieprotect\skin\setbtn_on_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ieprotect\skin\setbtn_on_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\investigate_op_layout1_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\investigate_op_layout2_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\investigate_op_layout3_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\investigate_op_layout4_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\mainFrame_investigate_mini_layout1_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\mainFrame_investigate_mini_layout2_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\mainFrame_investigate_mini_layout3_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\unloadInvestigateTitle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\investigate\skin\unloadInvestigateTitle_cry.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\language.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ShopProtect\safesites.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ShopProtect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\ShopProtect\skin\menu_item_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1033\Translator\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavCloud\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavCloud\skin\main\btn_cloud_add_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavCloud\skin\main\btn_cloud_add_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavCloud\skin\main\btn_cloud_add_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavCloud\skin\main\enultrafast.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavCloud\skin\main\risky.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavCloud\skin\main\safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavCloud\skin\main\unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavPluginRemove\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\black_pop_detected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\black_pop_excluded.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\black_pop_suessfully.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\dl_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\dl_safe_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\dl_scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\dl_threat.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\dl_threat_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavTray\skin\menu_item_background.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\guide_welcome.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\GuideSlice_5_1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\GuideSlice_6.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\GuideSlice_7_BrowserProtect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\GuideSlice_7_ScanNow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\main_title_canceled.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\main_title_nolastscan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\main_title_noprocess.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\main_title_noscanlongtime.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\main_title_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\main_tools_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\offBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\offBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\onBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\onBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\ProcessCustomScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\ProcessFullScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\ProcessQuickScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\ProcessRightmenuScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\real_time.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\summary_top_safe_text.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUi\skin\antivírus\UserGuide_protect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUpdater\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\BavUpdater\skin\pu_reboot_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\context\context.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\feedback\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\feedback\skin\main-feedback_tittle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\feedback\skin\SUBMIT_bg2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_AddFiles_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_AddFiles_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_AddFiles_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_done_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_done_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_done_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_shred_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_shred_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\btn_shred_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\button_history_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\button_history_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\fileshredder\skin\button_history_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\Font\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ieprotect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ieprotect\skin\lockClosed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ieprotect\skin\lockOpen.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ieprotect\skin\safeicon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ieprotect\skin\setbtn_off_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ieprotect\skin\setbtn_off_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ieprotect\skin\setbtn_on_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ieprotect\skin\setbtn_on_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\investigate_op_layout1_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\investigate_op_layout2_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\investigate_op_layout3_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\investigate_op_layout4_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\mainFrame_investigate_mini_layout1_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\mainFrame_investigate_mini_layout2_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\mainFrame_investigate_mini_layout3_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\unloadInvestigateTitle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\investigate\skin\unloadInvestigateTitle_cry.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\language.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ShopProtect\safesites.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ShopProtect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\ShopProtect\skin\menu_item_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1046\Translator\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavCloud\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavCloud\skin\main\btn_cloud_add_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavCloud\skin\main\btn_cloud_add_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavCloud\skin\main\btn_cloud_add_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavCloud\skin\main\enultrafast.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavCloud\skin\main\risky.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavCloud\skin\main\safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavCloud\skin\main\unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavPluginRemove\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\black_pop_detected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\black_pop_excluded.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\black_pop_suessfully.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\dl_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\dl_safe_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\dl_scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\dl_threat.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\dl_threat_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavTray\skin\menu_item_background.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\guide_welcome.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\GuideSlice_5_1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\GuideSlice_6.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\GuideSlice_7_BrowserProtect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\GuideSlice_7_ScanNow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\main_title_canceled.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\main_title_nolastscan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\main_title_noprocess.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\main_title_noscanlongtime.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\main_title_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\main_tools_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\offBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\offBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\onBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\onBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\ProcessCustomScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\ProcessFullScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\ProcessQuickScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\ProcessRightmenuScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\real_time.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\summary_top_safe_text.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUi\skin\antivírus\UserGuide_protect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUpdater\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\BavUpdater\skin\th_reboot_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\context\context.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\feedback\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\feedback\skin\main-feedback_tittle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\feedback\skin\SUBMIT_bg2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_AddFiles_thai_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_AddFiles_thai_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_AddFiles_thai_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_done_thai_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_done_thai_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_done_thai_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_shred_thai_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_shred_thai_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\btn_shred_thai_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\button_history_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\button_history_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\fileshredder\skin\button_history_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\Font\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ieprotect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ieprotect\skin\lockClosed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ieprotect\skin\lockOpen.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ieprotect\skin\safeicon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ieprotect\skin\setbtn_off_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ieprotect\skin\setbtn_off_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ieprotect\skin\setbtn_on_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ieprotect\skin\setbtn_on_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\investigate_op_layout1_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\investigate_op_layout2_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\investigate_op_layout3_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\investigate_op_layout4_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\mainFrame_investigate_mini_layout1_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\mainFrame_investigate_mini_layout2_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\mainFrame_investigate_mini_layout3_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\unloadInvestigateTitle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\investigate\skin\unloadInvestigateTitle_cry.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\language.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ShopProtect\safesites.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ShopProtect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\ShopProtect\skin\menu_item_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1054\Translator\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin\main\btn_cloud_add_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin\main\btn_cloud_add_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin\main\btn_cloud_add_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin\main\btn_cloud_add_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin\main\enultrafast.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin\main\risky.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin\main\safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavCloud\skin\main\unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavPluginRemove\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\black_pop_detected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\black_pop_excluded.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\black_pop_suessfully.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\dl_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\dl_safe_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\dl_scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\dl_threat.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\dl_threat_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavTray\skin\menu_item_background.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\guide_welcome.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\GuideSlice_5_1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\GuideSlice_6.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\GuideSlice_7_BrowserProtect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\GuideSlice_7_ScanNow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\main_title_canceled.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\main_title_nolastscan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\main_title_noprocess.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\main_title_noscanlongtime.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\main_title_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\main_tools_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\offBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\offBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\onBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\onBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\ProcessCustomScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\ProcessFullScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\ProcessQuickScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\ProcessRightmenuScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\real_time.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\summary_top_safe_text.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUi\skin\antivírus\UserGuide_protect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUpdater\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\BavUpdater\skin\en_reboot_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\context\context.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\feedback\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\feedback\skin\main-feedback_tittle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\feedback\skin\SUBMIT_bg2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_AddFiles_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_AddFiles_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_AddFiles_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_done_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_done_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_done_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_shred_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_shred_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\btn_shred_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\button_history_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\button_history_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\fileshredder\skin\button_history_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\Font\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ieprotect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ieprotect\skin\lockClosed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ieprotect\skin\lockOpen.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ieprotect\skin\safeicon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ieprotect\skin\setbtn_off_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ieprotect\skin\setbtn_off_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ieprotect\skin\setbtn_on_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ieprotect\skin\setbtn_on_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\investigate_op_layout1_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\investigate_op_layout2_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\investigate_op_layout3_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\investigate_op_layout4_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\mainFrame_investigate_mini_layout1_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\mainFrame_investigate_mini_layout2_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\mainFrame_investigate_mini_layout3_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\unloadInvestigateTitle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\investigate\skin\unloadInvestigateTitle_cry.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\language.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ShopProtect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\ShopProtect\skin\menu_item_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\1057\Translator\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavCloud\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavCloud\skin\main\btn_cloud_add_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavCloud\skin\main\btn_cloud_add_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavCloud\skin\main\btn_cloud_add_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavCloud\skin\main\enultrafast.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavCloud\skin\main\risky.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavCloud\skin\main\safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavCloud\skin\main\unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavPluginRemove\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\black_pop_detected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\black_pop_excluded.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\black_pop_suessfully.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\dl_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\dl_safe_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\dl_scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\dl_threat.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\dl_threat_s.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavTray\skin\menu_item_background.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\guide_welcome.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\GuideSlice_5_1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\GuideSlice_6.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\GuideSlice_7_BrowserProtect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\GuideSlice_7_ScanNow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\main_title_canceled.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\main_title_nolastscan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\main_title_noprocess.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\main_title_noscanlongtime.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\main_title_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\main_tools_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\offBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\offBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\onBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\onBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\ProcessCustomScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\ProcessFullScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\ProcessQuickScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\ProcessRightmenuScan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\real_time.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\summary_top_safe_text.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUi\skin\antivírus\UserGuide_protect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUpdater\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\BavUpdater\skin\en_reboot_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\context\context.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\feedback\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\feedback\skin\main-feedback_tittle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\feedback\skin\SUBMIT_bg2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_AddFiles_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_AddFiles_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_AddFiles_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_done_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_done_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_done_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_shred_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_shred_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\btn_shred_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\button_history_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\button_history_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\fileshredder\skin\button_history_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\Font\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ieprotect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ieprotect\skin\lockClosed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ieprotect\skin\lockOpen.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ieprotect\skin\safeicon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ieprotect\skin\setbtn_off_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ieprotect\skin\setbtn_off_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ieprotect\skin\setbtn_on_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ieprotect\skin\setbtn_on_normal.png 2)parte do combo fix c:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\investigate_op_layout1_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\investigate_op_layout2_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\investigate_op_layout3_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\investigate_op_layout4_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\mainFrame_investigate_mini_layout1_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\mainFrame_investigate_mini_layout2_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\mainFrame_investigate_mini_layout3_slice.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\unloadInvestigateTitle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\investigate\skin\unloadInvestigateTitle_cry.pngc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\language.inic:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ShopProtect\safesites.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ShopProtect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\ShopProtect\skin\menu_item_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\I18N\3082\Translator\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\IEProtect.exec:\program files (x86)\Baidu Security\Baidu antivírus\Investigate.exec:\program files (x86)\Baidu Security\Baidu antivírus\log.dllc:\program files (x86)\Baidu Security\Baidu antivírus\log\Bav.logc:\program files (x86)\Baidu Security\Baidu antivírus\log\BAVSvc.logc:\program files (x86)\Baidu Security\Baidu antivírus\log\BavTray.logc:\program files (x86)\Baidu Security\Baidu antivírus\log\BavUpdater.logc:\program files (x86)\Baidu Security\Baidu antivírus\log\BavWebClient.logc:\program files (x86)\Baidu Security\Baidu antivírus\log\BHipsSvc.logc:\program files (x86)\Baidu Security\Baidu antivírus\log\DIYResource_cfg.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\log\FileShredder.logc:\program files (x86)\Baidu Security\Baidu antivírus\log\I18N_cfg.inic:\program files (x86)\Baidu Security\Baidu antivírus\log\numlog\1404938830_BavTray_4600_numr.datc:\program files (x86)\Baidu Security\Baidu antivírus\log\numlog\av1404938836numr.datc:\program files (x86)\Baidu Security\Baidu antivírus\log\popmsg.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\log\strlog\1404938830_BavTray_4600_strr.datc:\program files (x86)\Baidu Security\Baidu antivírus\log\strlog\av1404919821strr.datc:\program files (x86)\Baidu Security\Baidu antivírus\log\strlog\av1404938836strr.datc:\program files (x86)\Baidu Security\Baidu antivírus\log\vflog\av1404938836vf.datc:\program files (x86)\Baidu Security\Baidu antivírus\mm.datc:\program files (x86)\Baidu Security\Baidu antivírus\nfa.datc:\program files (x86)\Baidu Security\Baidu antivírus\nsc.inic:\program files (x86)\Baidu Security\Baidu antivírus\nwi.datc:\program files (x86)\Baidu Security\Baidu antivírus\PC_Faster_Setup_Mini_GL16.exec:\program files (x86)\Baidu Security\Baidu antivírus\PCAppStore_Setup_bav.exec:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\Plugin_Antivirus.dllc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\anti_guide_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\anti_process_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\current_item_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\current_item_bottom_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\customscanFrame.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\hightlight_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\listHeadLine.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\nosel_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\shutdown_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\summary_bg1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\summaryBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\title_safe_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\bg\tree_title_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\arrow_down_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\arrow_down_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\arrow_up_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\arrow_up_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\biggreenBtnDisable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\biggreenBtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\biggreenBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\biggreenBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\changeLeftShadow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\changeRightShadow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\custom_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\custom_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\custom_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\customscanHoverBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\deep_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\DownArrowHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\DownArrowNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\fastscan_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\fastscan_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\fastscan_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\folderBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\folderBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\full_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\full_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\full_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\goLeftBtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\goLeftBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\goLeftBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\goRightBtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\goRightBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\goRightBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\setting_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\setting_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\setting_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\small_green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\small_green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\small_green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\threat_bg_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\threat_bg_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\white_deep_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\white_deep_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\button\white_deep_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\check_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\check_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\check_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\check_sound_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\check_sound_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\check_sound_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\uncheck_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\uncheck_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\uncheck_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\uncheck_sound_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\uncheck_sound_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\uncheck_sound_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\unknown_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\unknown_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\checkbox\unknown_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\engine\closedown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\engine\closenormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\engine\closeover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\engine\disabledTips.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\engine\dLine.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\engine\enabledTips.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\engine\engineClickPop.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\engine\updating.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\feedback\bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\feedback\success.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\avira_engine_ico.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\avira_engine_ico_gray.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\cloud_engine_ico.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\cloud_engine_ico_gray.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\current_scan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\cutover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\cutover_select.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\icon_del.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\icon_failed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\icon_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\icon_ok.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\icon_scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\icon_waiting.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\log_files.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\log_repaired.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\log_threats.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\log_time.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\logo_updating.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\main_title_number.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\main_title_number+.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\nosel_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\number_white.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\number_white_line.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\pcficon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\risk_board.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\rss_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\safe_board.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\splitline.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\icon\title_virus_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\progressbar\bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\progressbar\focus.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\progressbar\focus_all.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\progressbar\light.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\progressbar\light_head.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\arrowDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\arrowUp.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\bigCheckbtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\bigCheckbtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\iconPriHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\iconPriNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\iconSysHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\iconSysNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\iconWebHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\iconWebNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\pro_Close.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\pro_Open.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\pro_StatusHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\protect_icon_full.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\protect_icon_no.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\protect_icon_part.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\scrollbarBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\scrollbarDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\scrollbarHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\protect\scrollbarNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\scrollbar\scrollbar_1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\scrollbar\scrollbar_thumb_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\scrollbar\scrollbar_thumb_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\scrollbar\scrollbar_thumb_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_board.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_download.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_cloud.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_ieprotect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_onlineshopping.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_plugin.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_sandbox.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_sandbox_gray.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_icon_translater.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tools\tools_tips.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\listBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\listLine.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\menu_item_background.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\pop_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\pop_ormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\pop_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\tree_item_scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\vertical_line.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\virus_trust_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\virusGray.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Antivirus\res\skin\tree\virusRed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\arrawalpha.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\arrawicon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\bg2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\browerIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\continue.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\feedback.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_7_slice_browser_malicious.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_7_slice_browser_setup_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_7_slice_browser_setup_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_7_slice_browser_setup_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_7_slice_malware.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_8_slice_browser_secure.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_bg1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_bg2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\guide_malware_scan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\line1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\line2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\line3.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\line4.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\logosmall.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\logosmall1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\logosmall2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\logosmall3.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\logosmall4.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\preicon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\rect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Guide\res\skin\scanicon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_LogStatus\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\Plugin_Pop_Download.dllc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\bg\bg_tips_menu_sep.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\bg\safe_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\bg\virus_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\button\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\button\green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\button\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\icon\greenIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\icon\redIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\icon\saftyIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\icon\scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\icon\watting.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\scrollbar\scrollbar_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\scrollbar\scrollbar_thumb_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\scrollbar\scrollbar_thumb_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Download\res\skin\scrollbar\scrollbar_thumb_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\Plugin_Pop_Hips.dllc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_alert.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_camera.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_green.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_installav.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_notify.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_orange.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_red.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_safe.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_scan.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_scan_menu.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_scan_menu_sep.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\bg\bg_warning.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\arrow_btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\arrow_btn_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\arrow_btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\blue_btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\blue_btn_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\blue_btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\gray_btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\gray_btn_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\gray_btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\green_btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\green_btn_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\green_btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\offBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\offBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\onBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\onBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\orange_btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\orange_btn_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\orange_btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\protectSetDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\protectSetHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\protectSetNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\red_btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\red_btn_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\red_btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\scan_arrow_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\scan_arrow_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\scan_arrow_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\scan_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\scan_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\scan_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\side_orange_arrow_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\side_orange_arrow_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\side_orange_arrow_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\side_red_arrow_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\side_red_arrow_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\side_red_arrow_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\TrustBtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\TrustBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\button\TrustBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\camrea_logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_addautorun.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_addietoolbar.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_createschtask.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_danger.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_infectdesktop.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_infectfile.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_modifyhomepage.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_modifyhost.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_tip.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_tip_orange.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_tip_red.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_type_file.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_type_netkill.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_type_process.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_type_reg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_type_suspicious.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\icon_type_virus.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\statusIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\statusIconLight.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_Hips\res\skin\icon\wattingStatus.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\Plugin_Pop_OA.dllc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\btnDisable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\greenBtnClick.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\greenBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\greenBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\red_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\red_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\red_pushdown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\TrustBtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\TrustBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\button\TrustBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkbox_disable_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkbox_hot_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkbox_nor_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkox_sel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\checkbox\checkox_unsel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\bg_autofix.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\icon_ok.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\lineH.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\listBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\listHeadLine.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\loading.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\loading_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\oaIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\plugin\bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\plugin\button_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\plugin\button_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\plugin\button_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\plugin\icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\safe_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\top_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\topline.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\onaccess\virus_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\scrollbar\scrollbar_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\scrollbar\scrollbar_thumb_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\scrollbar\scrollbar_thumb_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Pop_OA\res\skin\scrollbar\scrollbar_thumb_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Quarantine\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Quarantine\res\skin\animate.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Quarantine\res\skin\bg_animate.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Quarantine\res\skin\bg_successfully.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Quarantine\res\skin\qua_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Quarantine\res\skin\tree_title_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\calender.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\combobox_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\combobox_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_advanced_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_advanced_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_audio_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_audio_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_default.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_defense_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_defense_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_dl_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_dl_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_engine_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_engine_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_general_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_general_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_protect_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_protect_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_scan_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_scan_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_schedule_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_schedule_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_update_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_update_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_usb_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\icon_usb_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\role_1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\role_2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\role_3.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\role_4.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\set_btn_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\set_tab_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\set_tab_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\speechrolechecked.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\speechrolehover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Settings\res\skin\voicePlayGif.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Trust\res\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Trust\res\skin\icon_allowed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_Trust\res\skin\icon_rejected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\Plugin_USBProtect.dllc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FailedTips\closeDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FailedTips\closeHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FailedTips\closeNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FailedTips\failedBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FailedTips\FailedSkin.txtc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\arrowdown_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\arrowdown_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\arrowdown_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\arrowup_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\arrowup_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\arrowup_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\Bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\button_menu_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\button_menu_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\button_menu_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\button_packup_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\button_packup_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\button_packup_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\disk_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\dot_line.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\FloatSkin.txtc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\lineH.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\lineV.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\lineV_Short.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\Listhover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\popup_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\popup_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\popup_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\rightBtn.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\rightBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\scan_bg_blue.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\scan_bg_green.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\scan_bg_red.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\scanning_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\usb_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\usb_scan_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\usb_scan_res_risk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\usb_scan_res_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\USBscanGifEX.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\FloatingWnd\warning_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\blue_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\dottedline.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\icon_warning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\orange_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\orange_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\orange_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\scroll.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\usblockBlueBg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\usblockIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\LockList\skin\usblockOrangeBg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\RemovedTips\removedTipsBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\RemovedTips\TipsSkin.txtc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\button\btnDisable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\button\greenBtnClick.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\button\greenBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\button\greenBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\button\red_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\button\red_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\button\red_pushdown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\icon_ok.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\lineH.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\listBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\listHeadLine.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\loading.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\loading_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\top_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\usbIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\onaccess\virus_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\scrollbar\scrollbar_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\scrollbar\scrollbar_thumb_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\scrollbar\scrollbar_thumb_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\Plugins\Plugin_USBProtect\res\VirusList\skin\scrollbar\scrollbar_thumb_normal.png c:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\BavPc.dllc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1045.AccuWeather.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1046.appbario12.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1047.A180Darts.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1048.MixiDjV30.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1049.SocialSearchBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1050.SolidSavings.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1051.SavingsApp.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1052.TigerSavings.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1053.SupremeSavings.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1054.CouponCaddy.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1055.WhiteSmoke.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1056.WhiteSmkeUSNew.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1057.TrustWorthy.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1058.ScenicReflections.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1060.LuckySavings.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1061.SearchProtect.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1062.OnlineRadioPlayerRecorderToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1063.SnapDo.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1064.Webblog.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1065.DeltaToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1067.SearchAssistant.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1068.AppBario2.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1070.IMVUToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1072.MyHomepage.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1074.CodecPerformer.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1076.SavingsAddon.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1077.BrowserCompanion.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1081.Funmoods.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1082.PricePeep.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1083.PriceGong.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1085.facesmooch.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1086.DownloadEnergyToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1087.MediaFinder.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1088.yontooToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1089.DVDVideoSoftToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1090.DVDVideoSoftToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1093.BittorrentBar_FRToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1094.BittorrentBar_DEToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1095.DigiModeToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1097.NCH FRToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1098.NewYorkYankeesToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1099.SearchDeals.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1101.VAFMusic.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1102.FastFreeConverter.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1104.SavepathDeals.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1105.FreeYoutubeDownload.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1106.GetSavin.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1107.TVGenie.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1108.SmartSuggestor.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1110.BrowseForTheCause.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1111.Vuze.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1112.SaveValet.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1113.SpyGuard.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1114.ST-Eng7.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1115.Qwiklinx.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1116.NewVeoh.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1117.RewardsArcade.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1118.A2ZLyrics.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1121.KeyBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1122.Mysearchdial.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1124.MagicDesktopENToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1125.NCH_ENToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1126.Hao123SearchRemovalTool.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1127.BSPlayerControlBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1128.EasyTVBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1129.HamInfoBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1130.PhotoJoyBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1131.SocialSearchBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1132.SerifBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1133.Mp3TubeToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1134.ooVoo.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1136.AF_HSS.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1137.TVersityBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1138.MapsBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1139.RecipesBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1140.BroderbundBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1141.GameMasterToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1142.KeyBar1.13.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1143.BrowserPlus2.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1144.WiseConvertB2.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1145.FreeSoundRecorder.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1146.BrotherSoftExtremeToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1147.EntrustedToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1148.KeyBar1.8.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1150.DealSlider.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1151.NinjaSavings.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1152.DealCola.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1153.TubeDimmer.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1155.CouponChaser.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1157.AppsHat.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1158.UnfriendCheck.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1161.Linksicle.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1162.TidyNetwork.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1163.BubbleDock.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1164.RecordChecker.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1165.SavingsScout.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1166.SpyAlert.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1167.KingTranslate.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1168.LessTabs.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1169.LoadTubes.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1170.Alawar_Ask_brch.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1172.AskPartnerNetwork.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1175.SySaver.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1176.AutoLyrics.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1178.IminentToolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1179.FilesFrogUpdateChecker.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1180.TNT2-ide.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1181.Highlightly.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1183.SuperfishWindowShopper.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1185.InstantSavingsApp.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1187.Strongvault.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1188.InfoAtoms.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1189.JollyWallet.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1195.WProtectManager.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1196.V9Toolbar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\1197.Desk365.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\85Play_Games.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\Aflamster.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\appbario7.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\BrowserDefender.rul.bakc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\BrowserProtect.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\CouponCompanion.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\CouponDropDown.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\Deal Spy.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\Dealio.rul.bakc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\Deals.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\Genieo.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\GiantSavings.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\Inbox.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\InternetHelper.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\IWantThis.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\MixiDJ.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\MyWebSearch.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\oovoo.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\RebateInformer.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\SearchAmong.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\searchya.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\ShoppingSidekick.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\StartNow.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\Tuvaro.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\uTorrentBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\uTorrentControl.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\VDownloader_Ask.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\VidSaver.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\webcake.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\WhiteSmokeToolBar.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\data\Yontoo.rulc:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\EnumModules.exec:\program files (x86)\Baidu Security\Baidu antivírus\plugscan\plugins.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\ProgramFileList.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\qv\53bda96a.qvc:\program files (x86)\Baidu Security\Baidu antivírus\rcs.datc:\program files (x86)\Baidu Security\Baidu antivírus\sc.inic:\program files (x86)\Baidu Security\Baidu antivírus\shortcut.icoc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\bg_critical_reboot.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\bg_pcf_popularise.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\bg_reinstall_warning.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\blue_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\bubble_set_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\bubble_set_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\bubble_set_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\button_min_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\button_min_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\button_min_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkbox_disable_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkbox_hot_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkbox_nor_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkox_sel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\checkbox\checkox_unsel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\frameSmall.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\gray_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\gray_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\gray_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_big_logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_complete_big.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_complete_small.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_doing.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_Fail.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_note.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_note_big.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_pcf_popularise_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_reinstall_warning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\icon_warning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\orange_btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\orange_btn_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\orange_btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\pop_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\pop_button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\pop_button_close_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\pop_button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\progressbar\Installing.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\progressbar\Installing_bc.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\progressbar\light.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\progressbar\loading.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\progressbar\loading_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\setting_btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\setting_btn_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\setting_btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\stepbar\doing.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\stepbar\finished.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\stepbar\inner.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\stepbar\waiting.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bav_updater\skin\update_pop_icon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\bg\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\bg\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\bg\button_colse_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\bg\cloud_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\bg\main_success.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\blue_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\red_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\red_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\red_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\red_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\small_green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\small_green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\button\small_green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\icon\icon_cloud.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\icon\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\icon\number.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\icon\numberpoint.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\menu\menu_item_background.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\menu\menu_item_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\menu\menu_item_pup.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\menu\menu_item_seperator.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\msgbox\blue_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\msgbox\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\msgbox\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\msgbox\blue_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\msgbox\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\msgbox\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\msgbox\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\msgbox\msgbox_bc_blue.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\scrollbar\scroll.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\sysbutton\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\sysbutton\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\sysbutton\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\sysbutton\button_min_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\sysbutton\button_min_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\sysbutton\button_min_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\eyes_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\eyes_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\eyes_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\identify.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\pop_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\pop_ormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\pop_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\risk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\tree_head_line.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\tree_item_checked.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\tree_title_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\tree_title_bk1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\bavcloud\skin\tree\unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\bg\pop_bk.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\bg\pop_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\bg\pop_bk_noline.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\bg\pop_bk_noline.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\blue_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\blue_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\gray_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\gray_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\gray_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\gray_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\green_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\tab.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\button\tab_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkbox_disable_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkbox_hot_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkbox_nor_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkox_sel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\checkbox\checkox_unsel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\icon\icon_failed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\icon\icon_ignored.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\icon\icon_ok.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\icon\icon_rejected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\icon\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\icon\TitleLogo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\LockFile.icoc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\radiobox\radio_sel_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\radiobox\radio_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\radiobox\radio_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\radiobox\radio_unsel_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\radiobox\radio_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\radiobox\radio_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\scrollbar\scroll.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\sysbutton\TopBtnClose.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\sysbutton\TopBtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\sysbutton\TopBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\sysbutton\TopBtnMin.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\sysbutton\TopBtnSet.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\tree\down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\tree\tree_head_line_blue.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\tree\tree_item_checked.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\tree\tree_list_title.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\tree\tree_title_bk1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\tree\tree_title_bk2.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\common\skin\tree\up.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\arrow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\arrow_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\arrow_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\arrow_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\arrow_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\blue_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\blue_down.png c:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\blue_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\button_min_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\button_min_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\button_min_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\green_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\guide.close.down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\guide.close.normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\button\guide.close.over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkbox_disable_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkbox_hot_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkbox_nor_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkox_sel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\checkbox\checkox_unsel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\circle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\dottedLine.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\guide_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\headbase.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\homeLockTitleBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\iconLock.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\iconUnlock.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\ielogo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\ieprotect_logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\pop_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\pop_bk_noline.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\ieprotect\skin\tip.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\button\TopBtnClose.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\button\TopBtnDisable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\button\TopBtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\button\TopBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\button\TopBtnMore.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\button\TopBtnSet.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_disable_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_hot_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_nor_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_sound_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_sound_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_sound_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_sound_uncheck_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_sound_uncheck_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_sound_uncheck_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkox_sel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\checkox_unsel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\offBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\offBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\onBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\checkbox\onBtnNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\combobox\combobox_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\combobox\combobox_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\firsttips\close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\firsttips\close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\firsttips\close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\firsttips\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\firsttips\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\firsttips\green_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\firsttips\tips_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\firsttips\tips_bg2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\icon\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\float_menu_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_checked.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_feedback.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_feedbackhover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_float.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_floathover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_open.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_openbav.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_openbavhover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_openhover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_popup.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_popuphover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_scan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_scanhover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_setting.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_icon_settinghover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_item_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_item_pup.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\menu\menu_item_seperator.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\blue_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\blue_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\gray_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\gray_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\gray_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\gray_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\icon_blue_tip.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\icon_red_tip.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\msgbox_bc_blue.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\msgbox_bc_blue.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\msgbox_bc_red.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\msgbox_bc_red.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\red_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\red_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\msgbox\red_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\radiobox\radio_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\radiobox\radio_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\radiobox\radio_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavtray\skin\radiobox\radio_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\aboutus\about_us_logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\bavui\bc.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\bavui\TopBtnClose.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\bavui\TopBtndown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\bavui\TopBtnForum.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\bavui\TopBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\bavui\TopBtnMin.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\bavui\TopBtnMore.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\bavui\TopBtnSet.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\menu\menu_icon_feedback.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\menu\menu_icon_feedbackhover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\menu\menu_item_background.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\menu\menu_item_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\menu\menu_item_pup.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_bavui_frame\skin\menu\menu_item_seperator.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\btn_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\btn_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\btn_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_crashreporter\skin\mainwnd.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\closedown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\closenormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\closeover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\combobox_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\combobox_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\feedback_button_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\feedback_button_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\feedback_button_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\file-false-positives.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\main-feedback_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\Other.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\Product-suggestions.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\Report-suspicious-files.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\submit_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\Unprocessed-threats-detected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_feedback\skin\Upgrade-info.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\button_min_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\button_min_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\button_min_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\checkox_sel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\checkox_unsel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\gray_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\gray_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\gray_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\green_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\green_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_black.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_black2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_black3.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_cer.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_feedback.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_focus.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_keep.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_line.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_redfocus.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_redhover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_unstall.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\investigate_update.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\main_logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\mainFrame_investigate_mini_layout1_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\mainFrame_investigate_mini_layout2_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\mainFrame_investigate_mini_layout3_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\popbaseblueF.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\popbaseblueF_op.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\red_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\red_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_investigate\skin\red_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\animate_scanning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\animation_scan_progress.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\browserFrame.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\areaCloseD.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\areaCloseH.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\areaCloseN.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\areaD.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\areaH.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\areaN.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\blue_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\blue_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnclasschecked.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnclassdown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnclasshover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnDisable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnGreenD.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnGreenH.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnGreenN.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnWhiteD.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnWhiteDisable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnWhiteH.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\btnWhiteN.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\button_min_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\button_min_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\button_min_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\gray_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\gray_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\gray_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\gray_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\leftDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\leftHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\leftNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\ospTabLine.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\plusD.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\plusH.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\plusN.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\rightDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\rightHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\RightNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\TopBtnClose.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\TopBtndown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\TopBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\button\TopBtnMin.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\cutoverFocus.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\cutoverNormal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\enjoy.pop.ico.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\enjoy.pop.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\lefticon1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\lefticon2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\lefticon3.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\menu_item_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\menu_item_seperator.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\namebom2.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\navigate.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\navigate.button.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\ospIcon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\ospPic.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\page1.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\pop_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\agoda.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\agoda.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\Alibaba.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\alibaba.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\amazon.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\amazon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\americanas.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\americanas.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bancobmg.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bancobmg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bancopan.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bancopan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bancovotorantim.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bancovotorantim.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bangkokbank.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bangkokbank.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\banrisul.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\banrisul.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bb.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bb.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bcb.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bcb.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bradesco0.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bradesco0.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bradesco1.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\bradesco1.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\caixa.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\caixa.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\casasbahia.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\casasbahia.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\central.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\central.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\cimbclicks.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\cimbclicks.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\citibank.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\citibank.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\cmd.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\comprafacil.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\comprafacil.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\corpoperfeito.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\corpoperfeito.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\credicard.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\credicard.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\default.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\default.tn.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\ebay.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\ebay.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\ensogo.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\ensogo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\expedia.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\expedia.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\fastshop.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\fastshop.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\gsb.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\gsb.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\guruwan.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\guruwan.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\hsbc.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\hsbc.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\insinuante.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\insinuante.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\itau.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\itau.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\itruemart.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\itruemart.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\kalunga.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\kalunga.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\kasikornbankgroup.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\kasikornbankgroup.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\kiatnakin.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\kiatnakin.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\krungsrionline.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\krungsrionline.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\ktbnetbank.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\ktbnetbank.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\lazada.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\lazada.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\lhbankspeedy.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\lhbankspeedy.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\magazineluiza.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\magazineluiza.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\mercadolivre.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\mercadolivre.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\mercantildobrasil.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\mercantildobrasil.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\mobly.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\mobly.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\mygroupon.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\mygroupon.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\polishop.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\polishop.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\pontofrio.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\pontofrio.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\portal.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\portal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\reebonz.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\reebonz.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\ricardoeletro.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\ricardoeletro.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\rural.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\rural.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\santander.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\santander.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\scbeasy.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\scbeasy.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\shopat7.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\shopat7.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\shopfacil.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\shopfacil.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\shoptime.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\shoptime.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\sofisadireto.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\sofisadireto.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\standardchartered.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\standardchartered.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\submarino.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\submarino.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\tarad.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\tarad.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\thaicitydeals.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\thaicitydeals.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\thaisale.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\thaisale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\thaiticketmajor.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\thaiticketmajor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\thanachartbank.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\thanachartbank.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\tisco.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\tisco.png c:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\tmbdirect.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\tmbdirect.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\uobcyberbanking.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\uobcyberbanking.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\visa.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\visa.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\wearyouwant.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\wearyouwant.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\weloveshopping.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\weloveshopping.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\zalora.bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\sites\zalora.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\URLDanger.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\URLSafe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\skin_shopprotect\skin\URLUnkown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\arrow.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\arrow_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\arrow_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\arrow_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\arrow_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\blue_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\blue_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\button_min_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\button_min_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\button_min_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\green_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\guide.close.down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\guide.close.normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\button\guide.close.over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkbox_disable_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkbox_hot_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkbox_nor_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkox_sel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\checkbox\checkox_unsel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\circle.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\dottedLine.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\guide_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\headbase.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\homeLockTitleBg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\iconLock.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\iconUnlock.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\ielogo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\ieprotect_logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\pop_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\pop_bk_noline.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\ieprotect\skin\tip.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\bg\bg_process.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\bg\bg_result.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\blue_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\blue_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\green_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\green_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\green_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\green_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\orange_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\orange_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\button\orange_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkbox_disable_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkbox_hot_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkbox_nor_unknown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkbox_sel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkbox_sel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkbox_unsel_hot.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkbox_unsel_nor.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkox_sel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\checkbox\checkox_unsel_disale.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\clear_warning.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\icon\icon_remove.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\icon\icon_safe.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\icon\logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\list_head\down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\list_head\hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\list_head\normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\list_head\sperator.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\plugin_list_risk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\progress\loading.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\progress\loading_bg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\progress\progress_bc.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\progress\progress_fg.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\progress\progress_light.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\scroll.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\sysbutton\TopBtnClose.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\sysbutton\TopBtnDown.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\sysbutton\TopBtnHover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\tree\item_checked.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_bavpluginremove\skin\tree\item_normal.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\animate_pos.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\annimate.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_blue_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_blue_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_blue_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_EmptyHistory_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_EmptyHistory_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_EmptyHistory_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_gray_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_gray_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\btn_gray_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_colse_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_forum_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_forum_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_forum_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_min_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_min_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\button_min_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\check-box_no-selected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\check-box_no-selected_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\check-box_selected.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\check-box_selected_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\drop_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\fileshredder_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\icon_add.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\icon_deleteAll.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\icon_done.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\icon_failed.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\icon_sucess.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\icon_tips_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\icon_tips_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\icon_waring.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\item_checked.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\item_normal.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\list_head\arrow_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\list_head\arrow_up.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\list_head\down.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\list_head\hover.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\list_head\normal.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\list_head\sperator.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\logo_small.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\main_logo.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\pic_doing.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\pic_done.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\scroll.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\tree_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\tree_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\tree_element.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_file_shredder\skin\tree_element_last.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_close_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_close_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_close_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_default_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_default_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_default_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_max_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_max_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_max_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_min_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_min_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\button_min_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\combobox_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\combobox_hover.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\list_item_checked.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\list_title_bk.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\list_title_line.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\show_language.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_bg.bmpc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_clear_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_clear_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_clear_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_export_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_export_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_export_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_import_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_import_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_import_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_new_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_new_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_new_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_rename_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_rename_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_rename_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_search_down.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_search_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_search_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_share_disable.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_share_normal.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_share_over.pngc:\program files (x86)\Baidu Security\Baidu antivírus\skin\tools\skin_translator\skin\translator_succ.pngc:\program files (x86)\Baidu Security\Baidu antivírus\sl.datc:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\1\BD_0.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\1\BD_10.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\1\BD_11.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\1\BD_7.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\1\BD_8.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\1\BD_9.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\2\BD_0.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\2\BD_10.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\2\BD_11.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\2\BD_7.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\2\BD_8.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\2\BD_9.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\3\BD_0.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\3\BD_10.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\3\BD_11.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\3\BD_7.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\3\BD_8.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\3\BD_9.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\4\BD_0.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\4\BD_10.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\4\BD_11.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\4\BD_7.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\4\BD_8.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\sound\1046\4\BD_9.mp3c:\program files (x86)\Baidu Security\Baidu antivírus\Spring64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\sqlite.dllc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda918.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda91a.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda91b.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda91c.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda91e.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda920.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda921.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda923.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda924.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda926.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda927.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda929.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda92b.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda92c.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda92e.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda92f.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda930.qvc:\program files (x86)\Baidu Security\Baidu antivírus\temp\53bda932.qvc:\program files (x86)\Baidu Security\Baidu antivírus\Translator.exec:\program files (x86)\Baidu Security\Baidu antivírus\Uninstall.exec:\program files (x86)\Baidu Security\Baidu antivírus\update\BavAs.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavBh.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavCommon.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavCs.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavDs.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\bavhm.exec:\program files (x86)\Baidu Security\Baidu antivírus\update\BavLib.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavMem.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavNp.exec:\program files (x86)\Baidu Security\Baidu antivírus\update\Bavnt.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\Bavnt64.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavOa.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavPe.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavPro_Setup.exec:\program files (x86)\Baidu Security\Baidu antivírus\update\BavQv.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavR3Base.sysc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavR3Base64.sysc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavScan.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavShx.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavShx64.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavSig.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavSk.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavSs.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavSu.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavVt.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BavWl.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BdApiUtil.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\BDrvComm.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\Communication.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\DrvInst.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\HackerDefense.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\log.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\server_respond.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\update\sqlite.dllc:\program files (x86)\Baidu Security\Baidu antivírus\update\sw.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\update\Translator.exec:\program files (x86)\Baidu Security\Baidu antivírus\update_config.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\update_statistic.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\version.xmlc:\program files (x86)\Baidu Security\Baidu antivírus\vn.datc:\program files (x86)\Baidu Security\Baidu antivírus\vr.dat..((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Legacy_BDAPIUTIL-------\Legacy_BFILTER-------\Legacy_BFMON-------\Legacy_BNBASE-------\Legacy_BPROTECT-------\Legacy_BPROTECTEX-------\Legacy_PCFAPIUTIL-------\Legacy_SPRING-------\Service_Bfilter-------\Service_Bfmon-------\Service_Bnbase-------\Service_Bprotect-------\Service_BprotectEx-------\Service_PCFApiUtil-------\Service_Spring..(((((((((((((((( Arquivos/Ficheiros criados de 2014-06-09 to 2014-07-09 ))))))))))))))))))))))))))))..2014-07-09 21:12 . 2014-07-09 21:12 -------- d-----w- c:\users\Public\AppData\Local\temp2014-07-09 21:12 . 2014-07-09 21:12 -------- d-----w- c:\users\Default\AppData\Local\temp2014-07-09 20:38 . 2014-07-09 20:38 -------- d-----w- c:\users\Zezelto\AppData\Roaming\Baidu2014-07-09 20:37 . 2014-07-09 20:37 -------- d-----w- c:\program files (x86)\Baidu-Security-2014-4.4.4.736872014-07-09 15:10 . 2014-07-09 20:37 -------- d-----w- c:\programdata\Baidu2014-07-09 11:50 . 2010-08-30 12:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll2014-07-08 18:38 . 2014-07-08 18:38 43152 ----a-w- c:\windows\avastSS.scr2014-07-08 12:18 . 2014-07-08 12:18 -------- d-----w- c:\program files\CCleaner2014-07-06 14:41 . 2014-07-06 14:41 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll2014-07-06 14:41 . 2014-07-06 14:41 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll2014-07-06 14:41 . 2014-07-06 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll2014-07-06 14:41 . 2014-07-06 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll2014-07-06 14:41 . 2014-07-06 14:41 2002432 ----a-w- c:\windows\system32\msxml6.dll2014-07-06 14:41 . 2014-07-06 14:41 1882112 ----a-w- c:\windows\system32\msxml3.dll2014-07-06 14:41 . 2014-07-06 14:41 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll2014-07-06 14:41 . 2014-07-06 14:41 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll2014-07-06 14:41 . 2014-07-06 14:41 801280 ----a-w- c:\windows\system32\usp10.dll2014-07-06 14:41 . 2014-07-06 14:41 626688 ----a-w- c:\windows\SysWow64\usp10.dll2014-07-06 14:40 . 2014-07-06 14:40 3178496 ----a-w- c:\windows\system32\rdpcorets.dll2014-07-06 14:40 . 2014-07-06 14:40 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll2014-07-06 14:40 . 2014-07-06 14:40 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS2014-07-06 14:40 . 2014-07-06 14:40 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys2014-07-06 14:36 . 2014-07-06 14:36 14175744 ----a-w- c:\windows\system32\shell32.dll2014-07-05 14:23 . 2014-07-05 14:23 -------- d-----w- c:\windows\system32\appmgmt2014-07-01 13:37 . 2014-07-09 20:54 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys2014-07-01 13:37 . 2014-07-01 13:37 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware2014-07-01 13:37 . 2014-05-12 11:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys2014-07-01 13:37 . 2014-05-12 11:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2014-06-28 12:40 . 2014-06-28 13:44 -------- d-----w- c:\users\Zezelto\AppData\Local\Rocket2014-06-28 12:37 . 2014-07-04 13:35 -------- d-----w- c:\users\Zezelto\Incomplete2014-06-28 12:36 . 2014-07-06 17:31 -------- d-----w- c:\users\Zezelto\AppData\Roaming\MP3Rocket2014-06-24 20:47 . 2007-12-12 18:04 34963 ----a-w- c:\windows\SysWow64\drivers\hid7906.sys2014-06-24 20:47 . 2007-12-03 12:46 37024 ----a-w- c:\windows\SysWow64\drivers\hid8101.sys2014-06-24 20:47 . 2007-11-28 14:52 34587 ----a-w- c:\windows\SysWow64\drivers\hid8103.sys2014-06-24 19:44 . 2002-08-02 06:20 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll2014-06-24 19:44 . 2014-06-24 19:44 270468 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll2014-06-24 19:44 . 2014-06-24 19:44 159876 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll2014-06-24 19:44 . 2002-08-05 14:46 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll2014-06-24 19:44 . 2002-08-02 07:10 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe2014-06-24 19:44 . 2002-08-02 06:20 634880 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll2014-06-24 19:44 . 2002-08-02 06:20 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll2014-06-24 19:42 . 2014-06-24 19:42 -------- d-----w- c:\windows\USB Vibration2014-06-24 19:40 . 2014-06-24 19:40 -------- d-----w- c:\program files (x86)\USB Vibration2014-06-24 19:07 . 2014-06-24 19:07 40960 ----a-r- c:\users\Zezelto\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe2014-06-24 19:07 . 2014-06-24 19:07 40960 ----a-r- c:\users\Zezelto\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe2014-06-24 19:07 . 2014-06-24 19:07 -------- d-----w- c:\program files (x86)\Project64 1.62014-06-22 19:09 . 2014-06-22 19:09 313256 ----a-w- c:\windows\system32\javaws.exe2014-06-22 19:09 . 2014-06-22 19:09 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll2014-06-22 19:09 . 2014-06-22 19:09 189352 ----a-w- c:\windows\system32\javaw.exe2014-06-22 19:09 . 2014-06-22 19:09 189352 ----a-w- c:\windows\system32\java.exe2014-06-22 19:09 . 2014-06-22 19:09 -------- d-----w- c:\program files\Java2014-06-15 17:19 . 2014-07-01 13:19 -------- d-----w- c:\users\Zezelto\AppData\Roaming\YouTube Downloader HD2014-06-14 00:00 . 2014-06-14 00:00 -------- d-----w- c:\programdata\Oracle2014-06-13 23:59 . 2014-06-13 23:59 -------- d-----w- c:\program files (x86)\Common Files\Java2014-06-13 23:59 . 2014-06-13 23:59 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2014-06-13 23:58 . 2014-06-13 23:58 -------- d-----w- c:\program files (x86)\Java2014-06-11 16:40 . 2014-06-11 16:40 -------- d-----w- c:\users\Default\AppData\Local\Google ...((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-07-09 18:47 . 2012-09-26 19:07 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2014-07-09 18:47 . 2012-09-26 19:07 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2014-07-08 18:39 . 2012-09-26 19:07 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys2014-07-08 18:38 . 2014-01-17 09:14 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys2014-07-08 18:38 . 2014-04-29 11:31 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys2014-07-08 18:38 . 2013-03-07 10:23 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys2014-07-08 18:38 . 2013-03-07 10:23 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2014-07-08 18:38 . 2012-09-26 19:06 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys2014-07-08 18:38 . 2012-09-26 19:06 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2014-07-08 18:38 . 2012-09-26 19:06 307344 ----a-w- c:\windows\system32\aswBoot.exe2014-07-08 18:38 . 2012-09-26 19:07 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys2014-06-13 02:11 . 2014-06-09 12:15 70912 ----a-w- c:\windows\system32\drivers\Bndef.sys2014-06-09 12:00 . 2014-06-09 12:15 91616 ----a-w- c:\windows\system32\drivers\Bnbasex.sys2014-05-12 11:25 . 2013-12-05 11:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys2014-04-30 23:20 . 2014-05-28 00:52 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FAF74C34-95C6-4372-AC1A-F8B21B377CCD}\mpengine.dll2014-04-29 14:57 . 2014-04-29 14:57 465408 ----a-w- c:\windows\system32\aepdu.dll2014-04-29 14:57 . 2014-04-29 14:57 424448 ----a-w- c:\windows\system32\aeinv.dll..(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))..*Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-07-29 4287536]"Akamai NetSession Interface"="c:\users\Zezelto\AppData\Local\Akamai\netsession_win.exe" [2014-04-18 4672920]"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-09-27 39408]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 720064].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"Aeria Ignite"="c:\program files (x86)\Aeria Games\Ignite\aeriaignite.exe" [2013-06-06 1925656]"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-08 4086432]"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904].c:\users\Zezelto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]"aux"=wdmaud.drv.[HKEY_LOCAL_MACHINE\software\microsoft\security center]"AutoUpdateDisableNotify"=dword:00000001.R1 Bndef;Baidu NetDefense;c:\windows\System32\drivers\bndef64.sys;c:\windows\SYSNATIVE\drivers\bndef64.sys [x]R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R3 3xHybr64;3xHybrid service;c:\windows\system32\DRIVERS\3xHybr64.sys;c:\windows\SYSNATIVE\DRIVERS\3xHybr64.sys [x]R3 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\DRIVERS\DLPortIO.SYS;c:\windows\SYSNATIVE\DRIVERS\DLPortIO.SYS [x]R3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys;c:\windows\SYSNATIVE\drivers\hid7906.sys [x]R3 hid8101;hid8101;c:\windows\system32\drivers\hid8101.sys;c:\windows\SYSNATIVE\drivers\hid8101.sys [x]R3 hid8103;hid8103;c:\windows\system32\drivers\hid8103.sys;c:\windows\SYSNATIVE\drivers\hid8103.sys [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 wolf;wolf;c:\aeriagames\Wolfteam\avital\wolf64.sys;c:\aeriagames\Wolfteam\avital\wolf64.sys [x]R3 wolfkr;wolfkr;c:\aeriagames\Wolfteam\avital\wolfk64.sys;c:\aeriagames\Wolfteam\avital\wolfk64.sys [x]R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]R3 X6va014;X6va014;c:\windows\SysWOW64\Drivers\X6va014;c:\windows\SysWOW64\Drivers\X6va014 [x]R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]R3 X6va016;X6va016;c:\windows\SysWOW64\Drivers\X6va016;c:\windows\SysWOW64\Drivers\X6va016 [x]R3 X6va017;X6va017;c:\windows\SysWOW64\Drivers\X6va017;c:\windows\SysWOW64\Drivers\X6va017 [x]S0 aswRvrt;avast! Revert; [x]S0 aswVmm;avast! VM Monitor; [x]S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]..--- =Outros Serviços/Drivers Na Memória ---.*NewlyCreated* - MBAMSWISSARMY.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2014-07-08 18:45 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe.Conteúdo da pasta 'Tarefas Agendadas'.2014-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-26 18:47].2014-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-27 23:45].2014-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-27 23:45]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2014-07-08 18:38 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-25 165912]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-25 385560]"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-25 363544]"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-03-11 13667032].------- Scan Suplementar -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = https://www.google.com.br/mDefault_Search_URL = www.google.commDefault_Page_URL = www.google.commStart Page = www.google.commLocal Page = c:\windows\SysWOW64\blank.htmmSearch Page = hxxp://www.google.comuInternet Settings,ProxyOverride = <local>IE: &Enviar para o OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000Trusted Zone: aeriagames.comTCP: DhcpNameServer = 192.168.1.254 10.0.0.1TCP: Interfaces\{99E2AE96-65A8-439A-8B15-27D296AACE06}: NameServer = 208.67.222.222,208.67.220.220FF - ProfilePath - c:\users\Zezelto\AppData\Roaming\Mozilla\Firefox\Profiles\2t7vd3nj.default-1354908366812\..[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va013]"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va014]"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va014".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va015]"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va016]"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va016".[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va017]"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va017".--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------.[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]@Denied: (2) (LocalSystem)"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7c,12,95,27,9b,90,ee,43,80,12,d4,\"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7c,12,95,27,9b,90,ee,43,80,12,d4,\.[HKEY_USERS\S-1-5-21-659561988-1454047286-3924272670-1000\System\CurrentControlSet\Control\MediaProperties\PrivateProperties\DirectInput\VID_0079&PID_0006\Calibration\0\Type\Axes]@DACL=(02 0000).[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.14".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]@Denied: (Everyone)"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}".[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]@Denied: (Everyone).[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]"Key"="ActionsPane3""Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd".[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (Users)@Denied: (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Outros Processos em Execução ------------------------.c:\program files\AVAST Software\Avast\AvastSvc.exec:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exec:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe.**************************************************************************.Tempo para conclusão: 2014-07-09 17:19:07 - Máquina reiniciouComboFix-quarantined-files.txt 2014-07-09 21:19ComboFix2.txt 2014-07-09 15:14ComboFix3.txt 2013-10-23 13:19ComboFix4.txt 2012-12-12 17:26.Pré-execução: 638.045.712.384 bytes disponíveisPós execução: 637.536.038.912 bytes disponíveis.- - End Of File - - 80F7BE6B6DD1A41EC5C8CD8B80438ADDA36C5E4F47E84449FF07ED3517B43A31
×