Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 14 usuários online :: 0 registrados, 0 invisíveis e 14 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Baidu Security,não sai do meu pc de jeito nenhum
2 participantes
Página 1 de 1
Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 03:13
Por favor , alguen me me da uma orientação, Eu ja tentei de tudo mas não consigo remover esta praga do meu computador, cliquei por um descuido pra instalar ele quando baixei um programa, e não consigo me livrar dele; Baidu Security (Antivírus)
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 10:43
Olá GuiiChaves. Seja bem vindo ao Fórum PC Brasil.
Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].*Execute-o e clique no botão Main Menu.
* Na próxima tela que surgirá clique em [Do a system scan and save a logfile].
*Um relatório será apresentado.
*Selecione todo o conteúdo deste relatório e copie (Ctrl+c).
Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analisado.
Ficamos no aguardo de sua resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 14:45
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:44:48, on 22/02/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\GUILHERME\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6694 bytes
Scan saved at 14:44:48, on 22/02/2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\GUILHERME\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files (x86)\Scpad\scpsssh2.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Baidu Antivirus] "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavTray.exe" -auto
O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe
O23 - Service: Baidu Hips Service (BHipsSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SaveSenseLive Service (savesenselive) (savesenselive) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: SaveSenseLive Service (savesenselivem) (savesenselivem) - SaveSense - C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
O23 - Service: scpVista - Banco Bradesco S.A. - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6694 bytes
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 14:48
Siga, por gentileza, as dicas do tutorial abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 14:59
# AdwCleaner v3.019 - Relatório criado 22/02/2014 às 14:56:30
# Atualizado 17/02/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : GUILHERME - GUILHERME-PC
# Executando de : C:\Users\GUILHERME\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
[!] Pasta Deletada : C:\ProgramData\baidu
[!] Pasta Deletada : C:\ProgramData\SaveSenseLive
[!] Pasta Deletada : C:\Program Files (x86)\SaveSenseLive
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Local\SaveSense
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Local\SaveSenseLive
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Roaming\baidu
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Roaming\SaveSense
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Arquivo Deletada : C:\Program Files (x86)\Uninstall.exe
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\SaveSenseLive
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v27.0.1 (pt-BR)
[ Arquivo : C:\Users\GUILHERME\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default\prefs.js ]
-\\ Google Chrome v33.0.1750.117
[ Arquivo : C:\Users\GUILHERME\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2233 octets] - [22/02/2014 14:55:40]
AdwCleaner[S0].txt - [2057 octets] - [22/02/2014 14:56:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2117 octets] ##########
# Atualizado 17/02/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate (64 bits)
# Usuário : GUILHERME - GUILHERME-PC
# Executando de : C:\Users\GUILHERME\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
[!] Pasta Deletada : C:\ProgramData\baidu
[!] Pasta Deletada : C:\ProgramData\SaveSenseLive
[!] Pasta Deletada : C:\Program Files (x86)\SaveSenseLive
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Local\SaveSense
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Local\SaveSenseLive
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Roaming\baidu
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Roaming\SaveSense
[!] Pasta Deletada : C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Arquivo Deletada : C:\Program Files (x86)\Uninstall.exe
***** [ Atalhos ] *****
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\SaveSenseLive
Chave Deletedo : HKLM\Software\DealPlyLive
Chave Deletedo : HKLM\Software\SaveSenseLive
***** [ Navegadores ] *****
-\\ Internet Explorer v8.0.7600.16385
-\\ Mozilla Firefox v27.0.1 (pt-BR)
[ Arquivo : C:\Users\GUILHERME\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default\prefs.js ]
-\\ Google Chrome v33.0.1750.117
[ Arquivo : C:\Users\GUILHERME\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2233 octets] - [22/02/2014 14:55:40]
AdwCleaner[S0].txt - [2057 octets] - [22/02/2014 14:56:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2117 octets] ##########
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 15:01
Siga, por gentileza, as dicas do tutorial abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
* Na sua próxima resposta poste, por gentileza, o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt
Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
(RESOLVIDO) BAIDU SECURITY , não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 15:14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by GUILHERME on 22/02/2014 at 15:09:37,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Successfully deleted: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\baidu"
~~~ FireFox
Emptied folder: C:\Users\GUILHERME\AppData\Roaming\mozilla\firefox\profiles\g9d5artv.default\minidumps [14 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/02/2014 at 15:12:56,62
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by GUILHERME on 22/02/2014 at 15:09:37,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Successfully deleted: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\baidu"
~~~ FireFox
Emptied folder: C:\Users\GUILHERME\AppData\Roaming\mozilla\firefox\profiles\g9d5artv.default\minidumps [14 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/02/2014 at 15:12:56,62
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 15:17
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Sáb 22 Fev 2014, 15:48, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 15:43
Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by GUILHERME on 22/02/2014 at 15:27:16,09.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\GUILHERME\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
22/02/2014 15:28:15 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Creating Sample_022014_1535.zip ======================
Process firefox.exe killed
Copied file C:\Users\GUILHERME\AppData\Local\downloader.exe to sample\downloader.exe
sample\downloader.exe renamed to E5FEE4BAACB345FDAC2932F71C682206
C:\Users\Public\Desktop\sample_022014_1535.zip created successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\savesenselive deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\savesenselive deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\savesenselivem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\savesenselivem deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\GUILHE~1\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default\prefs.js:
Added to C:\Users\GUILHE~1\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Baidu deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
C:\Users\GUILHERME\AppData\Local\downloader.exe deleted
==== Folders Found ======================
2014-02-22 17:56:31 2014-02-22 17:56:31 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-02-19 02:25:37 2014-02-22 03:03:44 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-02-19 02:25:37 2014-02-22 05:57:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-02-19 02:16:52 2014-02-19 02:16:52 -------- d-----w- C:\Users\GUILHERME\AppData\Local\Temp\baidu_secure
2014-02-22 18:36:07 2014-02-22 18:36:07 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
==== Files Found ======================
--- C:\$Recycle.Bin\S-1-5-21-1015031960-3485201159-700253023-1000\$RU22PKE\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1222
Created time: 2014-02-19 02:25:50
Modified time: 2014-02-19 02:25:50
MD5: 4F5948F2AACCF783DC7A5666D1D90B3E
SHA1: 218FECA954C9C0478E20BB989EA175F821B248F7
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2014-02-22 18:36:07
Modified time: 2014-02-19 02:25:49
MD5: B0506D581BFA1A49B921098127C7EEA0
SHA1: 7596F6A896E024451AF24D2F7743F2AFCCCC1418
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.bav.baidu.com"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21/02/2014 19:06]
==== Firefox Extensions ======================
ProfilePath: C:\Users\GUILHE~1\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- SaveSense - %ProfilePath%\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}
- Media Hint - %ProfilePath%\extensions\mediahint@jetpack.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\GUILHERME\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default
FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash
==== Deleted Firefox Extensions ======================
C:\Users\GUILHE~1\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12/02/2014 18:55]
Media Hint - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja
Google Docs - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\GUILHERME\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\GUILHERME\Desktop\AdwCleaner - Atalho.lnk - C:\Users\GUILHERME\Downloads\AdwCleaner.exe
C:\Users\GUILHERME\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\GUILHERME\Desktop\CCleaner - Atalho.lnk - C:\Program Files (x86)\CCleaner\CCleaner.exe
C:\Users\GUILHERME\Desktop\GGMM.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\GGMM.exe
C:\Users\GUILHERME\Desktop\Gta San Andreas.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe
C:\Users\GUILHERME\Desktop\League of Legends.lnk - C:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.admin.exe
C:\Users\GUILHERME\Desktop\MK - Atalho.lnk - C:\Program Files (x86)\MKJogo\MKLOL\MK.exe
C:\Users\GUILHERME\Desktop\Multi Theft Auto.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\Multi Theft Auto.exe
C:\Users\GUILHERME\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\GUILHERME\Desktop\samp - Atalho.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe
C:\Users\GUILHERME\Desktop\Steam.lnk - D:\Program Files\Steam\Steam.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\ts3client_win64.exe
==== shortcuts in Users Start Menu ======================
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Grand Theft Auto San Andreas™.lnk -
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Desinstalar LightShot.lnk - C:\Users\GUILHERME\AppData\Local\Skillbrains\lightshot\unins000.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Learn More.lnk - C:\Users\GUILHERME\AppData\Local\Skillbrains\lightshot\5.0.0.2\learnmore.url
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Lightshot .lnk - C:\Users\GUILHERME\AppData\Local\Skillbrains\lightshot\LightShot.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-A80000000000}\SC_Reader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\All options.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Generate log with system information.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=generate_log
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage ACM and VFW codecs.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=codec_management
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage DirectShow filters.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=dsfilter_management
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage preferred DirectShow source filters.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=sourcefilters
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureAudio
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow DXVA video decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureDXVA
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow VFW interface.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Windows\SysWOW64\ff_vfw.dll",configureVFW
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali video renderer.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {760A8F35-97E7-479D-AAF5-DA9EFF95D751}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madFLAC.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {6B257121-CBB6-46B3-ABFA-B14DFA98C4A6}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=reset_settings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\VP7 decoder.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {C204438D-6E1A-4309-B09C-0C0F749863AF}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Xvid encoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Windows\SysWOW64\xvidvfw.dll",Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Codec Tweak Tool.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudio.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\graphstudio.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Haali Muxer.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\gdsmux.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\VobSubStrip.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Xvid StatsReader.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Nero ProductSetup.lnk - C:\Program Files (x86)\Common Files\Ahead\Nero Web\SetupX.exe -ScParameter=8 MODE="update"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero BackItUp.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\BackItUp.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero Burning ROM.lnk - C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero Express.lnk - C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe -ScParameter=8 /w
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Etiquetas\Nero CoverDesigner.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverDes.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero CD-DVD Speed.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\CDSpeed.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero DriveSpeed.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero InfoTool.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\InfoTool.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero PhotoSnap Viewer.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero PhotoSnap.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero Recode.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero Vision.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero BackItUp [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero CD-DVD Speed [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero CoverDesigner [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Express [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero PhotoSnap [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Recode [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero SoundTrax [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero StartSmart [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Vision [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero WaveEditor [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero Burning ROM.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero Express.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero SoundTrax.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero WaveEditor.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /disable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /enable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\ts3client_win64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk - C:\Program Files (x86)\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WINRAR.HLP
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUILHERME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\GUILHERME\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUILHERME\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUILHERME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\GUILHERME\AppData\Local\Mozilla\Firefox\Profiles\g9d5artv.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=12 folders=7 322520 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\GUILHERME\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GUILHE~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\GUILHERME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on 22/02/2014 at 15:42:01,03 ======================
Tool run by GUILHERME on 22/02/2014 at 15:27:16,09.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\GUILHERME\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
22/02/2014 15:28:15 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Creating Sample_022014_1535.zip ======================
Process firefox.exe killed
Copied file C:\Users\GUILHERME\AppData\Local\downloader.exe to sample\downloader.exe
sample\downloader.exe renamed to E5FEE4BAACB345FDAC2932F71C682206
C:\Users\Public\Desktop\sample_022014_1535.zip created successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\savesenselive deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\savesenselive deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\savesenselivem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\savesenselivem deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\GUILHE~1\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default\prefs.js:
Added to C:\Users\GUILHE~1\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Baidu deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
C:\Users\GUILHERME\AppData\Local\downloader.exe deleted
==== Folders Found ======================
2014-02-22 17:56:31 2014-02-22 17:56:31 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-02-19 02:25:37 2014-02-22 03:03:44 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-02-19 02:25:37 2014-02-22 05:57:37 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-02-19 02:16:52 2014-02-19 02:16:52 -------- d-----w- C:\Users\GUILHERME\AppData\Local\Temp\baidu_secure
2014-02-22 18:36:07 2014-02-22 18:36:07 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
==== Files Found ======================
--- C:\$Recycle.Bin\S-1-5-21-1015031960-3485201159-700253023-1000\$RU22PKE\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1222
Created time: 2014-02-19 02:25:50
Modified time: 2014-02-19 02:25:50
MD5: 4F5948F2AACCF783DC7A5666D1D90B3E
SHA1: 218FECA954C9C0478E20BB989EA175F821B248F7
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2014-02-22 18:36:07
Modified time: 2014-02-19 02:25:49
MD5: B0506D581BFA1A49B921098127C7EEA0
SHA1: 7596F6A896E024451AF24D2F7743F2AFCCCC1418
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"ucloud"="u.bav.baidu.com"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"="Bav"
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21/02/2014 19:06]
==== Firefox Extensions ======================
ProfilePath: C:\Users\GUILHE~1\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default
- avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- SaveSense - %ProfilePath%\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}
- Media Hint - %ProfilePath%\extensions\mediahint@jetpack.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\GUILHERME\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default
FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash
==== Deleted Firefox Extensions ======================
C:\Users\GUILHE~1\AppData\Roaming\Mozilla\Firefox\Profiles\g9d5artv.default\extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12/02/2014 18:55]
Media Hint - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja
Google Docs - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\GUILHERME\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== shortcuts on Users Desktops ======================
C:\Users\GUILHERME\Desktop\AdwCleaner - Atalho.lnk - C:\Users\GUILHERME\Downloads\AdwCleaner.exe
C:\Users\GUILHERME\Desktop\Ares.lnk - C:\Program Files (x86)\Ares\Ares.exe
C:\Users\GUILHERME\Desktop\CCleaner - Atalho.lnk - C:\Program Files (x86)\CCleaner\CCleaner.exe
C:\Users\GUILHERME\Desktop\GGMM.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\GGMM.exe
C:\Users\GUILHERME\Desktop\Gta San Andreas.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe
C:\Users\GUILHERME\Desktop\League of Legends.lnk - C:\Program Files (x86)\Riot Games\League of Legends\lol.launcher.admin.exe
C:\Users\GUILHERME\Desktop\MK - Atalho.lnk - C:\Program Files (x86)\MKJogo\MKLOL\MK.exe
C:\Users\GUILHERME\Desktop\Multi Theft Auto.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\Multi Theft Auto.exe
C:\Users\GUILHERME\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\GUILHERME\Desktop\samp - Atalho.lnk - C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe
C:\Users\GUILHERME\Desktop\Steam.lnk - D:\Program Files\Steam\Steam.exe
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\avast Free Antivirus.lnk -
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\ts3client_win64.exe
==== shortcuts in Users Start Menu ======================
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Grand Theft Auto San Andreas™.lnk -
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Desinstalar LightShot.lnk - C:\Users\GUILHERME\AppData\Local\Skillbrains\lightshot\unins000.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Learn More.lnk - C:\Users\GUILHERME\AppData\Local\Skillbrains\lightshot\5.0.0.2\learnmore.url
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Lightshot .lnk - C:\Users\GUILHERME\AppData\Local\Skillbrains\lightshot\LightShot.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1046-7B44-A80000000000}\SC_Reader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk - C:\Windows\ehome\ehshell.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast Free Antivirus.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Backgammon.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Checkers.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Internet Spades.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Media Player Classic.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\All options.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Generate log with system information.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=generate_log
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage ACM and VFW codecs.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=codec_management
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage DirectShow filters.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=dsfilter_management
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Codec Tweak Tool\Manage preferred DirectShow source filters.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=sourcefilters
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\vsfilter.dll",DirectVobSub
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow audio decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureAudio
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow DXVA video decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configureDXVA
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow VFW interface.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Windows\SysWOW64\ff_vfw.dll",configureVFW
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow video decoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax",configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali Media Splitter.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\splitter.ax",Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Haali video renderer.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {760A8F35-97E7-479D-AAF5-DA9EFF95D751}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\madFLAC.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {6B257121-CBB6-46B3-ABFA-B14DFA98C4A6}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Reset to recommended settings.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /showsections=reset_settings
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\VP7 decoder.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\dsconfig.exe {C204438D-6E1A-4309-B09C-0C0F749863AF}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Xvid encoder.lnk - C:\Windows\SysWOW64\rundll32.exe "C:\Windows\SysWOW64\xvidvfw.dll",Configure
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Help\Frequently Asked Questions.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Info\faq.htm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Codec Tweak Tool.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\GraphStudio.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\graphstudio.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Haali Muxer.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Filters\Haali\gdsmux.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\MediaInfo.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\VobSubStrip.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\VobSubStrip.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\Win7DSFilterTweaker.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Tools\Xvid StatsReader.lnk - C:\Program Files (x86)\K-Lite Codec Pack\Tools\StatsReader.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Uninstall\Uninstall K-Lite Codec Pack.lnk - C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Nero ProductSetup.lnk - C:\Program Files (x86)\Common Files\Ahead\Nero Web\SetupX.exe -ScParameter=8 MODE="update"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero BackItUp.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\BackItUp.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero Burning ROM.lnk - C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\dados\Nero Express.lnk - C:\Program Files (x86)\Nero\Nero 7\Core\nero.exe -ScParameter=8 /w
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Etiquetas\Nero CoverDesigner.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverDes.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero CD-DVD Speed.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\CDSpeed.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero DriveSpeed.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Ferramentas\Nero InfoTool.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero Toolkit\InfoTool.exe -ScParameter=8
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero PhotoSnap Viewer.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero PhotoSnap.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero Recode.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Foto e Vídeo\Nero Vision.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero BackItUp [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero CD-DVD Speed [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero CoverDesigner [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Express [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero PhotoSnap [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Recode [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero SoundTrax [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero StartSmart [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero Vision [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Manuais\Nero WaveEditor [Ajuda em inglês].lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero Burning ROM.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero Express.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero SoundTrax.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\áudio\Nero WaveEditor.lnk -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /disable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /enable
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\ts3client_win64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk - C:\Program Files (x86)\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Ajuda do WinRAR.lnk - C:\Program Files (x86)\WinRAR\WINRAR.HLP
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manual do Console RAR.lnk - C:\Program Files (x86)\WinRAR\Rar.txt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files (x86)\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\GUILHERME\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\USURIO~1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUILHERME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\GUILHERME\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUILHERME\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GUILHERME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\GUILHERME\AppData\Local\Mozilla\Firefox\Profiles\g9d5artv.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\GUILHERME\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=12 folders=7 322520 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\GUILHERME\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Users\USURIO~1\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GUILHE~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\GUILHERME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on 22/02/2014 at 15:42:01,03 ======================
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 16:08
Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]* Copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Sáb 22 Fev 2014, 16:57, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 16:20
Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by GUILHERME on 22/02/2014 at 16:11:24,97.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\GUILHERME\Downloads\zoek(1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-02-22-184201.log 37069 bytes
==== System Restore Info ======================
22/02/2014 16:12:19 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
==== Deleting Files \ Folders ======================
C:\Users\GUILHERME\AppData\Local\Temp\baidu_secure not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\CloudDefense.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\HipsHB.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\CloudDefense.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\HipsHB.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files (x86)\Baidu Security" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log" not deleted
==== Folders Found ======================
2014-02-22 17:56:31 2014-02-22 17:56:31 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-02-19 02:25:37 2014-02-22 03:03:44 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-02-19 02:25:37 2014-02-22 19:13:17 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-02-22 18:41:48 2014-02-22 18:41:48 -------- d-----w- C:\ProgramData\Baidu
2014-02-22 18:41:48 2014-02-22 18:41:48 -------- d-----w- C:\Users\All Users\Baidu
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-02-22 18:36:07 2014-02-22 18:36:07 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2014-02-22 18:36:07
Modified time: 2014-02-19 02:25:49
MD5: B0506D581BFA1A49B921098127C7EEA0
SHA1: 7596F6A896E024451AF24D2F7743F2AFCCCC1418
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_USERS\.DEFAULT\Software\Baidu]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-18\Software\Baidu]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=48 folders=24 15083270 bytes)
==== After Reboot ======================
==== Deleting Files / Folders ======================
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not found
"C:\Program Files (x86)\Baidu Security" not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus" not found
==== EOF on 22/02/2014 at 16:18:02,28 ======================
Tool run by GUILHERME on 22/02/2014 at 16:11:24,97.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\GUILHERME\Downloads\zoek(1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-02-22-184201.log 37069 bytes
==== System Restore Info ======================
22/02/2014 16:12:19 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BdApiUtil deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bprotect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFILTER\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BFMON\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_BPROTECT\0000]
"DeviceDesc"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BdApiUtil]
"ImagePath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Bprotect]
"InstPath"=-
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe"=-
==== Deleting Files \ Folders ======================
C:\Users\GUILHERME\AppData\Local\Temp\baidu_secure not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\CloudDefense.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\HipsHB.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavClean.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavhm.exe" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavQv.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BAVSvc.exe" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavUl.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BDrvComm.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsCore.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\CloudDefense.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Communication.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\DrvInst.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\HackerDefense.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\HipsHB.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\sqlite.dll" deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not deleted
"C:\Program Files (x86)\Baidu Security" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log" not deleted
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log" not deleted
==== Folders Found ======================
2014-02-22 17:56:31 2014-02-22 17:56:31 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-02-19 02:25:37 2014-02-22 03:03:44 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-02-19 02:25:37 2014-02-22 19:13:17 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-02-22 18:41:48 2014-02-22 18:41:48 -------- d-----w- C:\ProgramData\Baidu
2014-02-22 18:41:48 2014-02-22 18:41:48 -------- d-----w- C:\Users\All Users\Baidu
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-02-22 18:36:07 2014-02-22 18:36:07 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2014-02-22 18:36:07
Modified time: 2014-02-19 02:25:49
MD5: B0506D581BFA1A49B921098127C7EEA0
SHA1: 7596F6A896E024451AF24D2F7743F2AFCCCC1418
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_USERS\.DEFAULT\Software\Baidu]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\PC Faster]
[HKEY_USERS\S-1-5-18\Software\Baidu]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=48 folders=24 15083270 bytes)
==== After Reboot ======================
==== Deleting Files / Folders ======================
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BHipsSvc.exe" not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus\log\BAVSvc.log" not found
"C:\Program Files (x86)\Baidu Security" not found
"C:\Program Files (x86)\Baidu Security\Baidu Antivirus" not found
==== EOF on 22/02/2014 at 16:18:02,28 ======================
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 16:31
Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]* Copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Sáb 22 Fev 2014, 16:55, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 16:52
Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by GUILHERME on 22/02/2014 at 16:32:33,13.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\GUILHERME\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-02-22-184201.log 37069 bytes
C:\zoek-results2014-02-22-191802.log 14226 bytes
==== System Restore Info ======================
22/02/2014 16:33:23 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Baidu Security not found
C:\Program Files (x86)\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu deleted
==== Folders Found ======================
2014-02-22 17:56:31 2014-02-22 17:56:31 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-02-22 19:33:31 2014-02-22 19:33:31 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-02-22 18:36:07 2014-02-22 18:36:07 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
2014-02-22 19:33:31 2014-02-22 19:33:31 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2014-02-22 18:36:07
Modified time: 2014-02-19 02:25:49
MD5: B0506D581BFA1A49B921098127C7EEA0
SHA1: 7596F6A896E024451AF24D2F7743F2AFCCCC1418
==== Registry Search Results for "Baidu" ======================
No instances of string "Baidu" found.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=54 folders=28 15083896 bytes)
==== EOF on 22/02/2014 at 16:34:43,10 ======================
Tool run by GUILHERME on 22/02/2014 at 16:32:33,13.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\GUILHERME\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-02-22-184201.log 37069 bytes
C:\zoek-results2014-02-22-191802.log 14226 bytes
==== System Restore Info ======================
22/02/2014 16:33:23 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-1015031960-3485201159-700253023-1000\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Baidu Security not found
C:\Program Files (x86)\Baidu Security\Baidu Antivirus not found
C:\ProgramData\Baidu deleted
==== Folders Found ======================
2014-02-22 17:56:31 2014-02-22 17:56:31 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-02-22 19:33:31 2014-02-22 19:33:31 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-02-22 18:36:07 2014-02-22 18:36:07 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
2014-02-22 19:33:31 2014-02-22 19:33:31 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-02-22 19:13:12 2014-02-22 19:13:12 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
==== Files Found ======================
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3432
Created time: 2014-02-22 18:36:07
Modified time: 2014-02-19 02:25:49
MD5: B0506D581BFA1A49B921098127C7EEA0
SHA1: 7596F6A896E024451AF24D2F7743F2AFCCCC1418
==== Registry Search Results for "Baidu" ======================
No instances of string "Baidu" found.
==== C:\zoek_backup content ======================
C:\zoek_backup (files=54 folders=28 15083896 bytes)
==== EOF on 22/02/2014 at 16:34:43,10 ======================
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 16:56
Faça o download do < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )|- Desabilite temporariamente seu antivírus para evitar conflitos e execute "ZHPDiag2.exe", para instalar a ferramenta.
|- Execute o ícone do pergaminho. ( ZHPDiag )
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 17:03
~ Relatório do ZHPDiag v2014.2.17.15 - Nicolas Coolman (17/02/2014)
~ Iniciado por GUILHERME (22/02/2014 17:00:27)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.117
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2013
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 8 - Português
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 145 GB (74%) free of 195 GB
---\\ Modo de conexão ao sistema
~ Computer Name: GUILHERME-PC
~ User Name: GUILHERME
~ All Users Names: UpdatusUser, HomeGroupUser$, GUILHERME, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\GUILHERME\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\GUILHERME\AppData\Roaming\
~ %Desktop% : C:\Users\GUILHERME\Desktop\
~ %Favorites% : C:\Users\GUILHERME\Favorites\
~ %LocalAppData% : C:\Users\GUILHERME\AppData\Local\
~ %StartMenu% : C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 145 Go of 195 Go)
D: Hard drive, Flash drive, Thumb drive (Free 181 Go of 270 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 48 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:39:10.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/07/2009 - 22:41:56.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:21:42.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:23:44.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:24:00.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:48:27.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/91
~ Mon Bureau (My Desktop) : 1/453
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096] [PID.2588]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.3252]
[MD5.FF409C974A9AD58B82374DEEF6B44CBB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.2344]
[MD5.A59B4D6B265DAF07BDE19C0D187AD4E3] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe [1863048] [PID.3500]
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8338432] [PID.848]
[MD5.FAF7BF30B496E839A87C024E309B2A3F] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382312] [PID.800]
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1412]
[MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.1700]
[MD5.318706813FB613072A688F2653B0689F] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files (x86)\Scpad\scpVista.exe [360624] [PID.1800]
[MD5.16775FC73AC10DA31CF61382B1927FA4] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856] [PID.4012]
~ Processes Running: Scanned in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
~ BHO: 5 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! WebRep - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files (x86)\ts3client_win64.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [GUILHERME]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [GUILHERME]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [GUILHERME]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [GUILHERME]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [GUILHERME]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [GUILHERME]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [GUILHERME]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [GUILHERME]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [GUILHERME]: Ares.lnk . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - GS\Desktop [GUILHERME]: GGMM.lnk . (...) -- C:\Program Files (x86)\Rockstar Games\GTA San Andreas\GGMM.exe
O4 - GS\Desktop [GUILHERME]: Gta San Andreas.lnk . (...) -- C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe
O4 - GS\Desktop [GUILHERME]: MK - Atalho.lnk . (.MK - MK Main Exec.) -- C:\Program Files (x86)\MKJogo\MKLOL\MK.exe
O4 - GS\Desktop [GUILHERME]: Multi Theft Auto.lnk . (.Multi Theft Auto - Multi Theft Auto Launcher.) -- C:\Program Files (x86)\Rockstar Games\GTA San Andreas\Multi Theft Auto.exe
O4 - GS\Desktop [GUILHERME]: samp - Atalho.lnk . (...) -- C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe
~ Global Startup: 70 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1015031960-3485201159-700253023-1000\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-1015031960-3485201159-700253023-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
~ Application: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{908790A3-6690-495B-B460-618A1803A55C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpNameServer = 192.168.254.254 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpDomain = domain.invalid
O17 - HKLM\System\CS1\Services\Tcpip\..\{908790A3-6690-495B-B460-618A1803A55C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpNameServer = 192.168.254.254 192.168.254.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpDomain = domain.invalid
O17 - HKLM\System\CS2\Services\Tcpip\..\{908790A3-6690-495B-B460-618A1803A55C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpNameServer = 192.168.254.254 192.168.254.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpDomain = domain.invalid
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
~ Services: 7 Legitimates Filtered in 00mn 03s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\update-S-1-5-21-1015031960-3485201159-700253023-1000.job [396]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\update-sys.job [396]
[MD5.71D63875DB82FB0BF3FAA16206761681] [APT] [update-S-1-5-21-1015031960-3485201159-700253023-1000] (...) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [112416]
[MD5.71D63875DB82FB0BF3FAA16206761681] [APT] [update-sys] (...) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [112416]
~ Scheduled Task: 11 Legitimates Filtered in 00mn 02s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\DefaultCompany]
[HKCU\Software\SaveSense] =>PUP.SaveSense
[HKCU\Software\Subvert Games]
~ Key Software: 148 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/02/2014 - 20:50:30 - [0,232] ----D C:\Program Files (x86)\accessible
O43 - CFD: 12/02/2014 - 23:40:47 - [4,783] ----D C:\Program Files (x86)\Ares
O43 - CFD: 11/02/2014 - 20:50:30 - [0,367] ----D C:\Program Files (x86)\gfx
O43 - CFD: 11/02/2014 - 20:50:30 - [0,257] ----D C:\Program Files (x86)\imageformats
O43 - CFD: 11/02/2014 - 20:50:30 - [0,592] ----D C:\Program Files (x86)\news
O43 - CFD: 11/02/2014 - 20:50:31 - [0,937] ----D C:\Program Files (x86)\pluginsdk
O43 - CFD: 22/02/2014 - 00:04:05 - [2,065] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 11/02/2014 - 20:50:30 - [20,346] ----D C:\Program Files (x86)\sound
O43 - CFD: 11/02/2014 - 20:50:30 - [0,594] ----D C:\Program Files (x86)\soundbackends
O43 - CFD: 11/02/2014 - 20:50:30 - [0,596] ----D C:\Program Files (x86)\sqldrivers
O43 - CFD: 11/02/2014 - 20:50:30 - [0,141] ----D C:\Program Files (x86)\styles
O43 - CFD: 13/02/2014 - 18:26:38 - [0,779] ----D C:\Users\GUILHERME\AppData\Roaming\Scpad
O43 - CFD: 12/02/2014 - 23:41:55 - [0,273] ----D C:\Users\GUILHERME\AppData\Local\Ares
~ Program Folder: 110 Legitimates Filtered in 00mn 04s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.5786BD70CFAA47406C497E7662ED948B] - 11/02/2014 - 12:36:47 ---A- . (...) -- C:\Windows\TSSysprep.log [1313]
O44 - LFC:[MD5.E765CA5F973A0B380C324AE8215211EC] - 11/02/2014 - 12:36:51 ---A- . (...) -- C:\Windows\DtcInstall.log [1774]
O44 - LFC:[MD5.BF685126759D753174A185711CCFF21A] - 11/02/2014 - 13:21:18 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [16048]
O44 - LFC:[MD5.8B138ED363128BFF2C2E1E7FEA9793B4] - 11/02/2014 - 16:31:28 ---A- . (...) -- C:\Windows\avisplitter.ini [38]
O44 - LFC:[MD5.DEE49A966563F4B09DAAC9209EBD558D] - 11/02/2014 - 16:44:34 ---A- . (...) -- C:\Windows\DirectX.log [37043]
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 18/02/2014 - 23:26:00 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 18/02/2014 - 23:26:02 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 18/02/2014 - 23:26:03 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/02/2014 - 23:27:15 --HA- . (...) -- C:\Windows\wusa.lock [0]
O44 - LFC:[MD5.B3DEF5585260124062B4C33C05A39634] - 21/02/2014 - 20:23:57 ---A- . (...) -- C:\Windows\ntbtlog.txt [170602]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/02/2014 - 20:53:06 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.C3643B12BBB7544B26E07A19DFDE2D24] - 22/02/2014 - 15:42:01 ---A- . (...) -- C:\zoek-results2014-02-22-184201.log [37069]
O44 - LFC:[MD5.D398F77132C6D66086AE0D373AC3AA83] - 22/02/2014 - 16:18:02 ---A- . (...) -- C:\zoek-results2014-02-22-191802.log [14226]
O44 - LFC:[MD5.8043BD8644F5B3A6FA32E741DD7CA261] - 22/02/2014 - 16:21:50 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [124724]
O44 - LFC:[MD5.E887EDDA6202F5C1CC4EFBE6A494FB2B] - 22/02/2014 - 16:21:50 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [654272]
O44 - LFC:[MD5.E966E51C202FADC0BD636029B62CF0DA] - 22/02/2014 - 16:34:43 ---A- . (...) -- C:\zoek-results.log [3664]
~ Files: 145 Legitimates Filtered in 00mn 06s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWindowsUpdate"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoAutoUpdate"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 12/02/2014 - 18:55:42 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 12/02/2014 - 18:55:42 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 18 Legitimates Filtered in 00mn 01s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 112 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.301A385231AF91EA6AEBB973DB9F2850] [SPRF][23/10/2013] (...) -- C:\Program Files (x86)\createfileassoc.exe [110106]
[MD5.422F635972E08DFC48BD0BB018639D77] [SPRF][23/10/2013] (.Overwolf - Overwolf Installer.) -- C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe [1056184]
~ Files: 10 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{63DAF53C-C35C-43FA-83C9-45DF00B5A571}C:\program files (x86)\ares\ares.exe" | In - Private - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "UDP Query User{AD6CC03E-FDEC-4374-9CE8-3468F14BC31B}C:\program files (x86)\ares\ares.exe" | In - Private - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "TCP Query User{76269A30-0A38-4D32-B005-9BF210C92EE0}C:\users\guilherme\desktop\of guards and thieves\ogat.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\guilherme\desktop\of guards and thieves\ogat.exe
O87 - FAEL: "UDP Query User{7A1A0974-D67A-413F-A9D8-8A543A748426}C:\users\guilherme\desktop\of guards and thieves\ogat.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\guilherme\desktop\of guards and thieves\ogat.exe
~ Firewall: 206 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 11/02/2014 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/02/2014 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/11/2006 774144 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 27/01/2014 571816 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 12/02/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 11/06/2012 891240 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 12/06/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 10/07/1658 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 24/10/2012 360624 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 11/06/2012 382312 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s
---\\ Scâner Aditional (088)
Database Version : 13031 - (17/02/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKCU\Software\SaveSense] =>PUP.SaveSense^
~ Additionnel Scan: 226749 Items scanned in 00mn 23s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ MSI: 2 link(s) detected in 00mn 23s
~ 987 Legitimates filtered by white list
End of the scan (405 lines in 00mn 58s)(0)
~ Iniciado por GUILHERME (22/02/2014 17:00:27)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Activate by user
---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.7600.16385
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.117
---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Windows 7 Ultimate, 64-bit (Build 7600)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Softwares de proteçao do sistema
avast! Free Antivirus v9.0.2013
Windows Defender W7
---\\ Softwares d'optimização do sistema
---\\ Softwares de partilha do PeerToPeer (P2P)
---\\ Monitoramento dos softwares
Adobe Flash Player 12 Plugin
Adobe Reader 8 - Português
---\\ Informações sobre o sistema
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 145 GB (74%) free of 195 GB
---\\ Modo de conexão ao sistema
~ Computer Name: GUILHERME-PC
~ User Name: GUILHERME
~ All Users Names: UpdatusUser, HomeGroupUser$, GUILHERME, Convidado, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator
---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Users\GUILHERME\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\GUILHERME\AppData\Roaming\
~ %Desktop% : C:\Users\GUILHERME\Desktop\
~ %Favorites% : C:\Users\GUILHERME\Favorites\
~ %LocalAppData% : C:\Users\GUILHERME\AppData\Local\
~ %StartMenu% : C:\Users\GUILHERME\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 145 Go of 195 Go)
D: Hard drive, Flash drive, Thumb drive (Free 181 Go of 270 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Estado do Centro de Segurança do Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 48 Legitimates Filtered in 00mn 00s
---\\ Pesquisa particular de ficheiros genéricos
[MD5.C235A51CB740E45FFA0EBFB9BAFCDA64] - (.Microsoft Corporation - Windows Explorer.) (.13/07/2009 - 22:39:10.) -- C:\Windows\Explorer.exe [2868224]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.B1037F0131C9A010D611F6914E03CD92] - (.Microsoft Corporation - Internet Extensions para Win32.) (.13/07/2009 - 22:41:56.) -- C:\Windows\System32\wininet.dll [1193472]
[MD5.132328DF455B0028F13BF0ABEE51A63A] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.13/07/2009 - 22:39:52.) -- C:\Windows\System32\Winlogon.exe [389120]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.B9384E03479D2506BC924C16A3DB87BC] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:21:42.) -- C:\Windows\system32\Drivers\AFD.sys [500224]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.3F1DC527070ACB87E40AFE46EF6DA749] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:23:44.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 21:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 21:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.CFDCD8CA87C2A657DEBC150AC35B5E08] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 20:24:00.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157184]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.356698A13C4630D5B31C37378D469196] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:48:27.) -- C:\Windows\system32\Drivers\ntfs.sys [1659984]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 21:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 21:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.9706B84DBABFC4B4CA46C5A82B14DFA3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:18:02.) -- C:\Windows\system32\Drivers\rdpdr.sys [165376]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 21:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:45:55.) -- C:\Windows\system32\Drivers\volsnap.sys [294992]
~ Generic Processes: Scanned in 00mn 00s
---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/91
~ Mon Bureau (My Desktop) : 1/453
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 00s
---\\ Processos lançados
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096] [PID.2588]
[MD5.D9184C5FF3FD526761D518A95ABA74A3] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.3252]
[MD5.FF409C974A9AD58B82374DEEF6B44CBB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.2344]
[MD5.A59B4D6B265DAF07BDE19C0D187AD4E3] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe [1863048] [PID.3500]
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8338432] [PID.848]
[MD5.FAF7BF30B496E839A87C024E309B2A3F] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382312] [PID.800]
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1412]
[MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.1700]
[MD5.318706813FB613072A688F2653B0689F] - (.Banco Bradesco S.A. - scpVista.) -- C:\Program Files (x86)\Scpad\scpVista.exe [360624] [PID.1800]
[MD5.16775FC73AC10DA31CF61382B1927FA4] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856] [PID.4012]
~ Processes Running: Scanned in 00mn 00s
---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects do navegador (02)
O2 - BHO: CompSegIB [64Bits] - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Banco Bradesco S.A. - scpsssh2 Module.) -- C:\Program Files (x86)\Scpad\scpsssh2.dll
~ BHO: 5 Legitimates Filtered in 00mn 00s
---\\ Barras do Internet Explorer (03))
O3 - Toolbar: avast! WebRep - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
~ Toolbar: Scanned in 00mn 00s
---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files (x86)\ts3client_win64.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [GUILHERME]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [GUILHERME]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [GUILHERME]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [GUILHERME]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [GUILHERME]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [GUILHERME]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [GUILHERME]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [GUILHERME]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [GUILHERME]: Ares.lnk . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - GS\Desktop [GUILHERME]: GGMM.lnk . (...) -- C:\Program Files (x86)\Rockstar Games\GTA San Andreas\GGMM.exe
O4 - GS\Desktop [GUILHERME]: Gta San Andreas.lnk . (...) -- C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe
O4 - GS\Desktop [GUILHERME]: MK - Atalho.lnk . (.MK - MK Main Exec.) -- C:\Program Files (x86)\MKJogo\MKLOL\MK.exe
O4 - GS\Desktop [GUILHERME]: Multi Theft Auto.lnk . (.Multi Theft Auto - Multi Theft Auto Launcher.) -- C:\Program Files (x86)\Rockstar Games\GTA San Andreas\Multi Theft Auto.exe
O4 - GS\Desktop [GUILHERME]: samp - Atalho.lnk . (...) -- C:\Program Files (x86)\Rockstar Games\GTA San Andreas\samp.exe
~ Global Startup: 70 Legitimates Filtered in 00mn 00s
---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1015031960-3485201159-700253023-1000\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe
O4 - HKUS\S-1-5-21-1015031960-3485201159-700253023-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
~ Application: Scanned in 00mn 00s
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{908790A3-6690-495B-B460-618A1803A55C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpNameServer = 192.168.254.254 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpDomain = domain.invalid
O17 - HKLM\System\CS1\Services\Tcpip\..\{908790A3-6690-495B-B460-618A1803A55C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpNameServer = 192.168.254.254 192.168.254.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpDomain = domain.invalid
O17 - HKLM\System\CS2\Services\Tcpip\..\{908790A3-6690-495B-B460-618A1803A55C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpNameServer = 192.168.254.254 192.168.254.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{931B5818-2738-48C6-9325-D146EFD03620}: DhcpDomain = domain.invalid
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254
~ Domain: Scanned in 00mn 00s
---\\ Protocolo adicional (018)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Lista dos serviços NT não Microsoft e não desativados (023)
O23 - Service: scpVista (scpVista) . (.Banco Bradesco S.A. - scpVista.) - C:\Program Files (x86)\Scpad\scpVista.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
~ Services: 7 Legitimates Filtered in 00mn 03s
---\\ Tarefas planificadas automaticamente (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\update-S-1-5-21-1015031960-3485201159-700253023-1000.job [396]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\update-sys.job [396]
[MD5.71D63875DB82FB0BF3FAA16206761681] [APT] [update-S-1-5-21-1015031960-3485201159-700253023-1000] (...) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [112416]
[MD5.71D63875DB82FB0BF3FAA16206761681] [APT] [update-sys] (...) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [112416]
~ Scheduled Task: 11 Legitimates Filtered in 00mn 02s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ares]
[HKCU\Software\DefaultCompany]
[HKCU\Software\SaveSense] =>PUP.SaveSense
[HKCU\Software\Subvert Games]
~ Key Software: 148 Legitimates Filtered in 00mn 00s
---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/02/2014 - 20:50:30 - [0,232] ----D C:\Program Files (x86)\accessible
O43 - CFD: 12/02/2014 - 23:40:47 - [4,783] ----D C:\Program Files (x86)\Ares
O43 - CFD: 11/02/2014 - 20:50:30 - [0,367] ----D C:\Program Files (x86)\gfx
O43 - CFD: 11/02/2014 - 20:50:30 - [0,257] ----D C:\Program Files (x86)\imageformats
O43 - CFD: 11/02/2014 - 20:50:30 - [0,592] ----D C:\Program Files (x86)\news
O43 - CFD: 11/02/2014 - 20:50:31 - [0,937] ----D C:\Program Files (x86)\pluginsdk
O43 - CFD: 22/02/2014 - 00:04:05 - [2,065] ----D C:\Program Files (x86)\Scpad
O43 - CFD: 11/02/2014 - 20:50:30 - [20,346] ----D C:\Program Files (x86)\sound
O43 - CFD: 11/02/2014 - 20:50:30 - [0,594] ----D C:\Program Files (x86)\soundbackends
O43 - CFD: 11/02/2014 - 20:50:30 - [0,596] ----D C:\Program Files (x86)\sqldrivers
O43 - CFD: 11/02/2014 - 20:50:30 - [0,141] ----D C:\Program Files (x86)\styles
O43 - CFD: 13/02/2014 - 18:26:38 - [0,779] ----D C:\Users\GUILHERME\AppData\Roaming\Scpad
O43 - CFD: 12/02/2014 - 23:41:55 - [0,273] ----D C:\Users\GUILHERME\AppData\Local\Ares
~ Program Folder: 110 Legitimates Filtered in 00mn 04s
---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.5786BD70CFAA47406C497E7662ED948B] - 11/02/2014 - 12:36:47 ---A- . (...) -- C:\Windows\TSSysprep.log [1313]
O44 - LFC:[MD5.E765CA5F973A0B380C324AE8215211EC] - 11/02/2014 - 12:36:51 ---A- . (...) -- C:\Windows\DtcInstall.log [1774]
O44 - LFC:[MD5.BF685126759D753174A185711CCFF21A] - 11/02/2014 - 13:21:18 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [16048]
O44 - LFC:[MD5.8B138ED363128BFF2C2E1E7FEA9793B4] - 11/02/2014 - 16:31:28 ---A- . (...) -- C:\Windows\avisplitter.ini [38]
O44 - LFC:[MD5.DEE49A966563F4B09DAAC9209EBD558D] - 11/02/2014 - 16:44:34 ---A- . (...) -- C:\Windows\DirectX.log [37043]
O44 - LFC:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 18/02/2014 - 23:26:00 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O44 - LFC:[MD5.DFC1681F6645CB2AEA83897588F05362] - 18/02/2014 - 23:26:02 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O44 - LFC:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 18/02/2014 - 23:26:03 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/02/2014 - 23:27:15 --HA- . (...) -- C:\Windows\wusa.lock [0]
O44 - LFC:[MD5.B3DEF5585260124062B4C33C05A39634] - 21/02/2014 - 20:23:57 ---A- . (...) -- C:\Windows\ntbtlog.txt [170602]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/02/2014 - 20:53:06 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.C3643B12BBB7544B26E07A19DFDE2D24] - 22/02/2014 - 15:42:01 ---A- . (...) -- C:\zoek-results2014-02-22-184201.log [37069]
O44 - LFC:[MD5.D398F77132C6D66086AE0D373AC3AA83] - 22/02/2014 - 16:18:02 ---A- . (...) -- C:\zoek-results2014-02-22-191802.log [14226]
O44 - LFC:[MD5.8043BD8644F5B3A6FA32E741DD7CA261] - 22/02/2014 - 16:21:50 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [124724]
O44 - LFC:[MD5.E887EDDA6202F5C1CC4EFBE6A494FB2B] - 22/02/2014 - 16:21:50 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [654272]
O44 - LFC:[MD5.E966E51C202FADC0BD636029B62CF0DA] - 22/02/2014 - 16:34:43 ---A- . (...) -- C:\zoek-results.log [3664]
~ Files: 145 Legitimates Filtered in 00mn 06s
---\\ Enumeração das chaves do registo PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s
---\\ Enumeração das chaves do registo PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoWindowsUpdate"=1
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoAutoUpdate"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s
---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.C04F7B373881009D7994D9BF55D24AB4] - 12/02/2014 - 18:55:42 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.90399625F341AB76BA4B85A5E860EB1F] - 12/02/2014 - 18:55:42 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [207904]
O58 - SDL:[MD5.37F5CDA64FC515B3072531C1187EDCCA] - 21/01/2014 - 11:14:40 ---A- . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\Drivers\Bfilter.sys [52032] =>Adware.BDSearch
O58 - SDL:[MD5.DFC1681F6645CB2AEA83897588F05362] - 21/01/2014 - 11:14:50 ---A- . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\Drivers\Bfmon.sys [34624] =>Adware.BDSearch
O58 - SDL:[MD5.F4C1984178175ACE4A75BE23059C3E0A] - 21/01/2014 - 07:01:36 ---A- . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\Drivers\Bprotect.sys [128992] =>Adware.BDSearch
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 13/07/2009 - 22:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 17:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 22:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 18 Legitimates Filtered in 00mn 01s
---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 112 Legitimates Filtered in 00mn 00s
---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s
---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.301A385231AF91EA6AEBB973DB9F2850] [SPRF][23/10/2013] (...) -- C:\Program Files (x86)\createfileassoc.exe [110106]
[MD5.422F635972E08DFC48BD0BB018639D77] [SPRF][23/10/2013] (.Overwolf - Overwolf Installer.) -- C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe [1056184]
~ Files: 10 Legitimates Filtered in 00mn 00s
---\\ Lista das exceções do FireWall (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{63DAF53C-C35C-43FA-83C9-45DF00B5A571}C:\program files (x86)\ares\ares.exe" | In - Private - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "UDP Query User{AD6CC03E-FDEC-4374-9CE8-3468F14BC31B}C:\program files (x86)\ares\ares.exe" | In - Private - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe
O87 - FAEL: "TCP Query User{76269A30-0A38-4D32-B005-9BF210C92EE0}C:\users\guilherme\desktop\of guards and thieves\ogat.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\guilherme\desktop\of guards and thieves\ogat.exe
O87 - FAEL: "UDP Query User{7A1A0974-D67A-413F-A9D8-8A543A748426}C:\users\guilherme\desktop\of guards and thieves\ogat.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\guilherme\desktop\of guards and thieves\ogat.exe
~ Firewall: 206 Legitimates Filtered in 00mn 00s
---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Auto 11/02/2014 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 11/02/2014 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/11/2006 774144 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SS - | Demand 27/01/2014 571816 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 12/02/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 11/06/2012 891240 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 12/06/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 10/07/1658 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 24/10/2012 360624 | (scpVista) . (.Banco Bradesco S.A..) - C:\Program Files (x86)\Scpad\scpVista.exe
SR - | Auto 11/06/2012 382312 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 13/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 13/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 02s
---\\ Scâner Aditional (088)
Database Version : 13031 - (17/02/2014)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 1
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus] =>Adware.BDSearch
[HKCU\Software\SaveSense] =>PUP.SaveSense^
~ Additionnel Scan: 226749 Items scanned in 00mn 23s
---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>PUP.SaveSense
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ MSI: 2 link(s) detected in 00mn 23s
~ 987 Legitimates filtered by white list
End of the scan (405 lines in 00mn 58s)(0)
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 17:21
Copie todo o texto destacado em vermelho que te passei (começando em script zhpfix e indo até SysRestore)_____________________________________________________________________________________________________________
Vá no menu: Iniciar > Todos os programas > ZHP > Abra o Zhpfix > Clique em Importação > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.
Última edição por Power Max em Sáb 22 Fev 2014, 17:32, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 17:29
Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by GUILHERME at 22/02/2014 17:28:28
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit (Build 7600)
Reciclagem vazia (00mn 08s)
Reparação de atalhos do navegador
========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\SaveSense
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
========== Valores do Registo ==========
ELIMINÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (5) (39.108 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
2 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
5 : Ficheiros
1 : Restauração Sistema
End of clean in 00mn 18s
========== Caminho do ficheiro do relatório ==========
C:\Users\GUILHERME\AppData\Roaming\ZHP\ZHPFix[R1].txt - 22/02/2014 17:28:36 [1446]
Fichier d'export Registre :
Run by GUILHERME at 22/02/2014 17:28:28
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 64-bit (Build 7600)
Reciclagem vazia (00mn 08s)
Reparação de atalhos do navegador
========== Chaves do Registo ==========
ELIMINÉ: HKCU\Software\SaveSense
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
========== Valores do Registo ==========
ELIMINÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ Temporários windows (5) (39.108 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
2 : Chaves do Registo
7 : Valores do Registo
1 : Pastas
5 : Ficheiros
1 : Restauração Sistema
End of clean in 00mn 18s
========== Caminho do ficheiro do relatório ==========
C:\Users\GUILHERME\AppData\Roaming\ZHP\ZHPFix[R1].txt - 22/02/2014 17:28:36 [1446]
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 17:31
Reinicie seu PC e nos diga depois, por gentileza, como está o PC após estas limpezas.Ficamos na espera.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Baidu Security,não sai do meu pc de jeito nenhum
por GuiiChaves Sáb 22 Fev 2014, 17:47
Power Max escreveu:
Ficamos na espera.
Nossa, Muito obrigado, muito obrigado mesmo, O baidu sumiu completamente do meu pc, Finalmente consegui me livrar desta praga,
Parabêns pela organização e pelo atendimento, Obrigado novamente !
GuiiChaves- Iniciante
- Mensagens : 13
Reputação : 0
Data de inscrição : 22/02/2014
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 17:48
Fico feliz que o problema tenha sido resolvido.Só para finalizar faça estes últimos procedimentos, por gentileza:
Instale o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (caso já tenha ele, não precisa instalar de novo).Abra o Ccleaner > clique no botão Limpeza > clique na opção Executar Limpeza. Isto é demonstrado na imagem abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Confirme a operação acima clicando no botão OK. Aguarde a conclusão do procedimento.
Depois disto, clique no botão botão Registro > Procurar Erros > Corrigir erro(s) selecionado(s) > neste momento você poderá optar por fazer uma cópia das alterações que serão feitas no registro (por motivos de segurança), escolha a opção que desejar (sim ou não) > e confirme a limpeza clicando no botão Corrigir todos os erros selecionados > clique no botão Fechar (ou OK):
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
__________________________________________________________________________________________________________________ Depois disto siga também as dicas deste tutorial abaixo:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Xplode) e salve no Desktop (Área de Trabalho)*Depois disto é só executá-lo, deixar selecionadas as opções Remove disinfection tools e Purge system restore
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique em [Run]
Depois de executar o Delfix conforme descrito acima, é só deletar o DelFix e o arquivo C:\DelFix.txt
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Baidu Security,não sai do meu pc de jeito nenhum
por Power Max Sáb 22 Fev 2014, 19:41
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Tópicos semelhantes» o baidu nao sai do meu pc de jeito nenhum
» O baidu nao sai do meu pc de jeito nenhum
» Como excluir a pasta Baidu Security do meu PC ?
» Baidu Antivirus x Kaspersky Internet Security 2014
» Problemas com o Baidu Security..
» O baidu nao sai do meu pc de jeito nenhum
» Como excluir a pasta Baidu Security do meu PC ?
» Baidu Antivirus x Kaspersky Internet Security 2014
» Problemas com o Baidu Security..
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|