Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 20 usuários online :: 0 registrados, 0 invisíveis e 20 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
2 participantes
Página 1 de 1
Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Olá, primeiro de tudo gostaria de agradecer pelo serviço prestado nesse fórum.
Bem, estou tentando me livrar do Baidu desde ontem quando baixei o programa Alcohol 120 e o mesmo estava infectado.
Já rodei o Adw, JRT, Hijack This, Revo e Ccleaner, nessa mesma ordem. Também baixei o OLE mas nao sei mexer. Durante toda esta operação o pc parece que voltou a velocidade normal mas a ameaça segue iminente.
Vou colocar os dados encontrados pelo ADW Cleaner e em anexo os logs do JRT, pode ser?
# AdwCleaner v3.023 - Relatório criado 06/04/2014 às 04:02:02
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : TICIANO - PC-TÉCE
# Executando de : C:\Users\TICIANO\Desktop\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\AlawarWrapper
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\TVersitybar
Pasta Deletada : C:\Users\TICIANO\AppData\Local\genienext
Pasta Deletada : C:\Users\TICIANO\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\TICIANO\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\TICIANO\AppData\LocalLow\TVersitybar
Pasta Deletada : C:\Users\TICIANO\AppData\Roaming\baidu
Pasta Deletada : C:\Users\TICIANO\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Deletada : C:\Users\TICIANO\Documents\Mobogenie
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2548838
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66BD2442-241B-44CD-8C7A-B51037053CDB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{ACE60B0C-6C93-40DB-A740-56F8F1DCE600}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BB30B4D1-3F91-4BD0-8DAF-87238A8AE463}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66BD2442-241B-44CD-8C7A-B51037053CDB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BB30B4D1-3F91-4BD0-8DAF-87238A8AE463}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2A9F5D2-367C-4D69-B926-7E2B57A7B65A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\AVG Secure Search
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\TVersitybar
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\sweet-pageSoftware
Chave Deletedo : HKLM\Software\Trymedia Systems
Chave Deletedo : HKLM\Software\Vittalia
Chave Deletedo : HKLM\Software\TVersitybar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TVersitybar Toolbar
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16843
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v33.0.1750.154
[ Arquivo : C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [6549 octets] - [06/04/2014 03:56:33]
AdwCleaner[S0].txt - [5018 octets] - [06/04/2014 04:02:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5078 octets] ##########
Bem, estou tentando me livrar do Baidu desde ontem quando baixei o programa Alcohol 120 e o mesmo estava infectado.
Já rodei o Adw, JRT, Hijack This, Revo e Ccleaner, nessa mesma ordem. Também baixei o OLE mas nao sei mexer. Durante toda esta operação o pc parece que voltou a velocidade normal mas a ameaça segue iminente.
Vou colocar os dados encontrados pelo ADW Cleaner e em anexo os logs do JRT, pode ser?
# AdwCleaner v3.023 - Relatório criado 06/04/2014 às 04:02:02
# Atualizado 01/04/2014 por Xplode
# Sistema Operacional : Windows 8 Single Language (64 bits)
# Usuário : TICIANO - PC-TÉCE
# Executando de : C:\Users\TICIANO\Desktop\adwcleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\AlawarWrapper
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\TVersitybar
Pasta Deletada : C:\Users\TICIANO\AppData\Local\genienext
Pasta Deletada : C:\Users\TICIANO\AppData\Local\Mobogenie
Pasta Deletada : C:\Users\TICIANO\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\TICIANO\AppData\LocalLow\TVersitybar
Pasta Deletada : C:\Users\TICIANO\AppData\Roaming\baidu
Pasta Deletada : C:\Users\TICIANO\AppData\Roaming\newnext.me
Pasta Deletada : C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Pasta Deletada : C:\Users\TICIANO\Documents\Mobogenie
***** [ Atalhos ] *****
***** [ Registro ] *****
Valor Deletedo : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chave Deletedo : HKLM\SOFTWARE\Classes\Toolbar.CT2548838
Chave Deletedo : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{66BD2442-241B-44CD-8C7A-B51037053CDB}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{ACE60B0C-6C93-40DB-A740-56F8F1DCE600}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{BB30B4D1-3F91-4BD0-8DAF-87238A8AE463}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66BD2442-241B-44CD-8C7A-B51037053CDB}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BB30B4D1-3F91-4BD0-8DAF-87238A8AE463}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2A9F5D2-367C-4D69-B926-7E2B57A7B65A}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\AVG Secure Search
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Toolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\TVersitybar
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\sweet-pageSoftware
Chave Deletedo : HKLM\Software\Trymedia Systems
Chave Deletedo : HKLM\Software\Vittalia
Chave Deletedo : HKLM\Software\TVersitybar
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TVersitybar Toolbar
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16843
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v33.0.1750.154
[ Arquivo : C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [6549 octets] - [06/04/2014 03:56:33]
AdwCleaner[S0].txt - [5018 octets] - [06/04/2014 04:02:02]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5078 octets] ##########
ticiano- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Olá Ticiano. Seja bem vindo ao Fórum PC Brasil.
Desative temporariamente seu antivírus para evitar conflitos.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Desative temporariamente seu antivírus para evitar conflitos.
Acesse este link abaixo e clique no primeiro botão da esquerda que é o botão Download Zoek.exe:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 06 Abr 2014, 21:19, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Segue o log de resultados do Zoek:
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by TICIANO on 06/04/2014 at 16:06:29,70.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TICIANO\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
06/04/2014 16:07:26 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\TICIANO\daemonprocess.txt deleted
C:\Users\TICIANO\.android deleted
C:\PROGRA~3\DRV10.tmp deleted
C:\PROGRA~3\E1010.tmp deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Baidu deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\TICIANO\AppData\Local\cache deleted
C:\Users\TICIANO\Downloads\BearShareSetup-r1429-w-bc.exe deleted
C:\Users\TICIANO\Downloads\SoftonicDownloader_para_ubuntu.exe deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
==== Folders Found ======================
2014-04-06 07:02:03 2014-04-06 07:02:03 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-06 06:13:55 2014-04-06 06:13:55 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-06 06:13:55 2014-04-06 19:06:35 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-04-06 07:47:27 2014-04-06 07:47:27 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\update\baidu
2014-04-06 06:15:13 2014-04-06 06:15:13 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-06 06:14:59 2014-04-06 06:15:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-06 06:15:13 2014-04-06 06:15:13 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-06 06:14:59 2014-04-06 06:15:00 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-06 06:05:29 2014-04-06 06:05:29 -------- d-----w- C:\Users\TICIANO\AppData\Local\Temp\baidu_secure
2014-04-06 06:15:13 2014-04-06 06:15:13 -------- d-----w- C:\Users\Todos os Usuários\Baidu Security
2014-04-06 06:14:59 2014-04-06 06:15:00 -------- d-----w- C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-06 19:21:27 2014-04-06 19:21:27 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
==== Files Found ======================
--- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-09-22 07:32:04
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-09-22 07:32:04
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 06:14:59
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 06:14:59
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
--- C:\Users\Public\Desktop\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1209
Created time: 2014-04-06 06:15:00
Modified time: 2014-04-06 06:15:00
MD5: 1C9DC667461BA2F1C64810B7A9F26C6C
SHA1: 8C1410FDA79C576BEDC0E5BEFC994F4B45E42150
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\decrypter\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 12612
Created time: 2014-01-14 04:31:39
Modified time: 2014-03-24 02:22:22
MD5: 39E03EF1DE54482C5596AE5598C415E3
SHA1: B2C55E383EC5F7FAB04859BE282C4A3D58C0A7B5
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\hoster\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 9014
Created time: 2014-01-14 04:33:07
Modified time: 2014-03-24 02:29:22
MD5: 27E5EB91CAF7C00CB9F005C627214058
SHA1: 322E8ECBEFA71812A1DF523941699C09AE038AA9
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3428
Created time: 2014-04-06 19:21:27
Modified time: 2014-04-06 06:15:04
MD5: 516D1AEE4C584876CC16D0C61D72790D
SHA1: 5AC161FEE2F7490906CE0C12FB1E2C182D6A395C
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"="Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"="http://antivirus.baidu.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"="Baidu, Inc."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\102113-13656-01.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130268382327929130.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\PC Faster]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=hex:53,\
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\102113-13656-01.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130268382327929130.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
==== Chrome Look ======================
Google Docs - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artigos.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artigos.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ccleaner.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ccleaner.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_jdownloader.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_jdownloader.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_revo-uninstaller.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_revo-uninstaller.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ubuntu.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ubuntu.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{E71F4D24-32FC-4015-980F-71AA7B57B395} Unknown Url="Not_Found"
==== Reset Google Chrome ======================
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E71F4D24-32FC-4015-980F-71AA7B57B395} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\TICIANO\Desktop\Continue Codec Package Installation.lnk - C:\Users\TICIANO\AppData\Local\Temp\ICReinstall_CodecPackage.exe /RR
C:\Users\TICIANO\Desktop\Dropbox.lnk - C:\Users\TICIANO\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\TICIANO\Desktop\FastCopy.lnk - C:\Program Files (x86)\FastCopy\FastCopy.exe
C:\Users\TICIANO\Desktop\JDownloader.lnk -
C:\Users\TICIANO\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\TICIANO\Desktop\TVersity.lnk - C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
C:\Users\TICIANO\Desktop\µTorrent.lnk - C:\Users\TICIANO\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\TICIANO\Desktop\box\box.lnk - C:\Users\TICIANO\Desktop\box
C:\Users\TICIANO\Desktop\mercadolivre\Manual do Usuário.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Alcohol 120%.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Users\Public\Desktop\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\Users\Public\Desktop\calibre - E-book management.lnk - C:\Program Files (x86)\Calibre2\calibre.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Fotor.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe EverimagingCo.Limited.Fotor
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Manual do Usuário.lnk - C:\Fabricante\Manual do Usuario\Manual do Usuário.pdf
C:\Users\Public\Desktop\Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE /OEM
C:\Users\Public\Desktop\Positivo 3D Incrível.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.Positivo3DIncrvel
C:\Users\Public\Desktop\Skype.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe Microsoft.SkypeApp
C:\Users\Public\Desktop\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\Users\Public\Desktop\xbmc.lnk - C:\Program Files (x86)\XBMC\XBMC.exe
==== shortcuts in Users Start Menu ======================
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\TICIANO\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\TICIANO\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\TICIANO\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Codec Pack\Uninstall.lnk - C:\Program Files (x86)\TVersity Codec Pack\uninst.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Codec Pack\Website.lnk - C:\Program Files (x86)\TVersity Codec Pack\TVersity Codec Pack.url
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Media Server.lnk - C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\Uninstall.lnk - C:\ProgramData\TVersity\Media Server\uninst.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\Website.lnk - C:\ProgramData\TVersity\Media Server\TVersity Media Server.url
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\Restart TVersity Media Server.lnk - C:\ProgramData\TVersity\Media Server\MediaServer.exe -restart
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\Share Media Command Prompt.lnk - C:\ProgramData\TVersity\Media Server\ShareMedia.bat
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\Start TVersity Media Server.lnk - C:\ProgramData\TVersity\Media Server\MediaServer.exe -start
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\Stop TVersity Media Server.lnk - C:\ProgramData\TVersity\Media Server\MediaServer.exe -stop
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\TVersity for Windows Media Center.lnk - C:\ProgramData\TVersity\Media Server\tversity.mcl
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\A.C.I.D. Wizard.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\ACID.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol 120%.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Command Launcher.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxCmd.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Manual.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Help\ax_enu.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Data-Type Analyzer.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxDTA.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Uninstall Alcohol 120%.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk - C:\Users\TICIANO\AppData\Local\JDownloader 0.9\JDownloaderD3D.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\TICIANO\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\JDownloader.lnk - C:\Users\TICIANO\AppData\Local\JDownloader 0.9\JDownloaderD3D.exe
C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TICIANO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TICIANO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=32 folders=15 15688040 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\TICIANO\AppData\Local\Temp will be emptied at reboot
C:\Users\Usuário Padrão\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\TICIANO\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 06/04/2014 at 16:31:26,30 ======================
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by TICIANO on 06/04/2014 at 16:06:29,70.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TICIANO\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
06/04/2014 16:07:26 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\TICIANO\daemonprocess.txt deleted
C:\Users\TICIANO\.android deleted
C:\PROGRA~3\DRV10.tmp deleted
C:\PROGRA~3\E1010.tmp deleted
C:\PROGRA~3\FileSplitUpLoad.dll deleted
C:\PROGRA~3\Baidu deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\TICIANO\AppData\Local\cache deleted
C:\Users\TICIANO\Downloads\BearShareSetup-r1429-w-bc.exe deleted
C:\Users\TICIANO\Downloads\SoftonicDownloader_para_ubuntu.exe deleted
C:\windows\SysNative\tasks\Baidu Antivirus Update deleted
==== Folders Found ======================
2014-04-06 07:02:03 2014-04-06 07:02:03 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-06 06:13:55 2014-04-06 06:13:55 -------- d-----w- C:\Program Files (x86)\Baidu Security
2014-04-06 06:13:55 2014-04-06 19:06:35 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus
2014-04-06 07:47:27 2014-04-06 07:47:27 -------- d-----w- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\update\baidu
2014-04-06 06:15:13 2014-04-06 06:15:13 -------- d-----w- C:\ProgramData\Baidu Security
2014-04-06 06:14:59 2014-04-06 06:15:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-06 06:15:13 2014-04-06 06:15:13 -------- d-----w- C:\Users\All Users\Baidu Security
2014-04-06 06:14:59 2014-04-06 06:15:00 -------- d-----w- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-06 06:05:29 2014-04-06 06:05:29 -------- d-----w- C:\Users\TICIANO\AppData\Local\Temp\baidu_secure
2014-04-06 06:15:13 2014-04-06 06:15:13 -------- d-----w- C:\Users\Todos os Usuários\Baidu Security
2014-04-06 06:14:59 2014-04-06 06:15:00 -------- d-----w- C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
2014-04-06 19:21:27 2014-04-06 19:21:27 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
==== Files Found ======================
--- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2013-09-22 07:32:04
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2013-09-22 07:32:04
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 06:14:59
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
--- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 06:14:59
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
--- C:\Users\Public\Desktop\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1209
Created time: 2014-04-06 06:15:00
Modified time: 2014-04-06 06:15:00
MD5: 1C9DC667461BA2F1C64810B7A9F26C6C
SHA1: 8C1410FDA79C576BEDC0E5BEFC994F4B45E42150
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\decrypter\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 12612
Created time: 2014-01-14 04:31:39
Modified time: 2014-03-24 02:22:22
MD5: 39E03EF1DE54482C5596AE5598C415E3
SHA1: B2C55E383EC5F7FAB04859BE282C4A3D58C0A7B5
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\hoster\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 9014
Created time: 2014-01-14 04:33:07
Modified time: 2014-03-24 02:29:22
MD5: 27E5EB91CAF7C00CB9F005C627214058
SHA1: 322E8ECBEFA71812A1DF523941699C09AE038AA9
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3428
Created time: 2014-04-06 19:21:27
Modified time: 2014-04-06 06:15:04
MD5: 516D1AEE4C584876CC16D0C61D72790D
SHA1: 5AC161FEE2F7490906CE0C12FB1E2C182D6A395C
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
"DllVersion_2.0"="C:\\ProgramData\\baidu\\commondll\\splitupload\\DllVersion_2.0\\FileSplitUpLoad.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\Antivirus\BevmVolatile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}]
"DllName"="baidubar.dll;BaiduBarX.dll;BaiduBarX.dll;BaiduBarX.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BavTray.exe\" -auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"="Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Bav.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"="\"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"="http://antivirus.baidu.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"="Baidu, Inc."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Baidu_Scan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"DisplayName"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"Description"="Baidu Antivirus Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdApiUtil]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdApiUtil64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BdCameraProtect]
"ImagePath"="\\??\\C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\BdCameraProtect64.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
"DisplayName"="Baidu Antivirus Minifilter Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
"DisplayName"="Baidu FS Monitor Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"DisplayName"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"Description"="Baidu Hips Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"DisplayName"="Baidu Protect"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"InstPath"="C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus"
[HKEY_USERS\.DEFAULT\Software\Baidu Security]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\102113-13656-01.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130268382327929130.dmp]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\PC Faster]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=hex:53,\
[HKEY_USERS\S-1-5-18\Software\Baidu Security]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\102113-13656-01.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\bug\driver\MEMORY_130268382327929130.dmp]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"ucloud"="u.br.bav.baidu.com"
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"dcloud"="http://up.br.bav.baidu.com/cgi-bin/url_warnning/url_warnning.cgi"
[HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
"rcloud"="http://up.br.bav.baidu.com/cgi-bin/url_visit_action.cgi"
==== Chrome Look ======================
Google Docs - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - TICIANO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artigos.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_artigos.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ccleaner.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ccleaner.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_jdownloader.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_jdownloader.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_revo-uninstaller.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_revo-uninstaller.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ubuntu.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ubuntu.softonic.com.br_0.localstorage-journal deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage deleted successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.softonic.com.br_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{E71F4D24-32FC-4015-980F-71AA7B57B395} Unknown Url="Not_Found"
==== Reset Google Chrome ======================
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E71F4D24-32FC-4015-980F-71AA7B57B395} deleted successfully
==== Deleting CLSID Registry Values ======================
==== shortcuts on Users Desktops ======================
C:\Users\TICIANO\Desktop\Continue Codec Package Installation.lnk - C:\Users\TICIANO\AppData\Local\Temp\ICReinstall_CodecPackage.exe /RR
C:\Users\TICIANO\Desktop\Dropbox.lnk - C:\Users\TICIANO\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\TICIANO\Desktop\FastCopy.lnk - C:\Program Files (x86)\FastCopy\FastCopy.exe
C:\Users\TICIANO\Desktop\JDownloader.lnk -
C:\Users\TICIANO\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\TICIANO\Desktop\TVersity.lnk - C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
C:\Users\TICIANO\Desktop\µTorrent.lnk - C:\Users\TICIANO\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\TICIANO\Desktop\box\box.lnk - C:\Users\TICIANO\Desktop\box
C:\Users\TICIANO\Desktop\mercadolivre\Manual do Usuário.lnk -
==== shortcuts on All Users Desktop ======================
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\Alcohol 120%.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Users\Public\Desktop\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\Users\Public\Desktop\calibre - E-book management.lnk - C:\Program Files (x86)\Calibre2\calibre.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Fotor.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe EverimagingCo.Limited.Fotor
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\Manual do Usuário.lnk - C:\Fabricante\Manual do Usuario\Manual do Usuário.pdf
C:\Users\Public\Desktop\Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE /OEM
C:\Users\Public\Desktop\Positivo 3D Incrível.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe 908F1E4E.Positivo3DIncrvel
C:\Users\Public\Desktop\Skype.lnk - C:\Fabricante\Positivo Store Apps Atalhos\CallMetroApp.exe Microsoft.SkypeApp
C:\Users\Public\Desktop\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\Users\Public\Desktop\xbmc.lnk - C:\Program Files (x86)\XBMC\XBMC.exe
==== shortcuts in Users Start Menu ======================
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\TICIANO\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\TICIANO\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\TICIANO\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Codec Pack\Uninstall.lnk - C:\Program Files (x86)\TVersity Codec Pack\uninst.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Codec Pack\Website.lnk - C:\Program Files (x86)\TVersity Codec Pack\TVersity Codec Pack.url
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Media Server.lnk - C:\ProgramData\TVersity\Media Server\web\admin\TVersity.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\Uninstall.lnk - C:\ProgramData\TVersity\Media Server\uninst.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\Website.lnk - C:\ProgramData\TVersity\Media Server\TVersity Media Server.url
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\Restart TVersity Media Server.lnk - C:\ProgramData\TVersity\Media Server\MediaServer.exe -restart
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\Share Media Command Prompt.lnk - C:\ProgramData\TVersity\Media Server\ShareMedia.bat
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\Start TVersity Media Server.lnk - C:\ProgramData\TVersity\Media Server\MediaServer.exe -start
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\Stop TVersity Media Server.lnk - C:\ProgramData\TVersity\Media Server\MediaServer.exe -stop
C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server\TVersity Tools\TVersity for Windows Media Center.lnk - C:\ProgramData\TVersity\Media Server\tversity.mcl
==== shortcuts in All Users Start Menu ======================
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\A.C.I.D. Wizard.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\ACID.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol 120%.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Command Launcher.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxCmd.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Alcohol Manual.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Help\ax_enu.chm
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Data-Type Analyzer.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxDTA.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%\Uninstall Alcohol 120%.lnk - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\uninst.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Baidu Antivirus.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Bav.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus\Uninstall.lnk - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==== shortcuts in Quick Launch ======================
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk - C:\Users\TICIANO\AppData\Local\JDownloader 0.9\JDownloaderD3D.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\TICIANO\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\TICIANO\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\TICIANO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\JDownloader.lnk - C:\Users\TICIANO\AppData\Local\JDownloader 0.9\JDownloaderD3D.exe
C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TICIANO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TICIANO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\TICIANO\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=32 folders=15 15688040 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\TICIANO\AppData\Local\Temp will be emptied at reboot
C:\Users\Usuário Padrão\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\TICIANO\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 06/04/2014 at 16:31:26,30 ======================
ticiano- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 06 Abr 2014, 21:20, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Opa, já nao vejo mais o baidu!
Vou colocar o log dos results em anexo pois excedeu o limite da mensagem, ok?
Vou colocar o log dos results em anexo pois excedeu o limite da mensagem, ok?
ticiano- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 06 Abr 2014, 21:20, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Opa, segue o log
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by TICIANO on 06/04/2014 at 18:38:57,72.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TICIANO\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-06-193126.log 31677 bytes
C:\zoek-results2014-04-06-203446.log 613494 bytes
==== System Restore Info ======================
06/04/2014 18:39:52 Zoek.exe System Restore Point Created Succesfully.
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"InstPath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Baidu Security not found
C:\Program Files (x86)\Baidu Security\Baidu Antivirus not found
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\update\baidu not found
C:\ProgramData\Baidu deleted
"C:\Users\Public\Desktop\Baidu Antivirus.lnk" deleted
==== Folders Found ======================
2014-04-06 07:02:03 2014-04-06 07:02:03 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-06 06:13:55 2014-04-06 21:38:56 -------- d-----w- C:\Users\TICIANO\AppData\Local\Temp\Baidu Security.tmp
2014-04-06 20:18:50 2014-04-06 20:18:50 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-04-06 20:19:18 2014-04-06 20:19:49 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-04-06 20:19:49 2014-04-06 20:19:50 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus_update_baidu
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-06 20:19:50 2014-04-06 20:19:50 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-06 20:19:50 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 19:21:27 2014-04-06 19:21:27 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Baidu
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Baidu Security
2014-04-06 20:19:51 2014-04-06 20:19:52 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 20:18:50 2014-04-06 20:19:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-04-06 20:19:18 2014-04-06 20:19:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\update\baidu
2014-04-06 20:19:49 2014-04-06 20:19:49 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\update\baidu
==== Files Found ======================
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\decrypter\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 12612
Created time: 2014-01-14 04:31:39
Modified time: 2014-03-24 02:22:22
MD5: 39E03EF1DE54482C5596AE5598C415E3
SHA1: B2C55E383EC5F7FAB04859BE282C4A3D58C0A7B5
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\hoster\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 9014
Created time: 2014-01-14 04:33:07
Modified time: 2014-03-24 02:29:22
MD5: 27E5EB91CAF7C00CB9F005C627214058
SHA1: 322E8ECBEFA71812A1DF523941699C09AE038AA9
--- C:\zoek_backup\C_Users_Public_Desktop_Baidu Antivirus.lnk.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1209
Created time: 2014-04-06 21:40:24
Modified time: 2014-04-06 06:15:00
MD5: 1C9DC667461BA2F1C64810B7A9F26C6C
SHA1: 8C1410FDA79C576BEDC0E5BEFC994F4B45E42150
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3428
Created time: 2014-04-06 19:21:27
Modified time: 2014-04-06 06:15:04
MD5: 516D1AEE4C584876CC16D0C61D72790D
SHA1: 5AC161FEE2F7490906CE0C12FB1E2C182D6A395C
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-06 20:19:07
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-06 20:19:07
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-06 20:19:26
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-06 20:19:26
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 20:19:51
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 20:19:51
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=hex:53,\
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2483 folders=480 617397127 bytes)
==== EOF on 06/04/2014 at 18:42:22,53 ======================
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by TICIANO on 06/04/2014 at 18:38:57,72.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TICIANO\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-06-193126.log 31677 bytes
C:\zoek-results2014-04-06-203446.log 613494 bytes
==== System Restore Info ======================
06/04/2014 18:39:52 Zoek.exe System Restore Point Created Succesfully.
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect deleted successfully
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload]
[-HKEY_LOCAL_MACHINE\SOFTWARE\baidu\CommonDll\Splitupload\bav]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Baidu Security\PC Faster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Baidu Antivirus"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"DisplayIcon"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"UninstallString"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"URLInfoAbout"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"Publisher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
"InstallDir"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Bprotect]
"InstPath"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAVSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfilter]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bfmon]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BHipsSvc]
"Description"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"DisplayName"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bprotect]
"InstPath"=-
[-HKEY_USERS\.DEFAULT\Software\Baidu]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\.DEFAULT\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus]
[-HKEY_USERS\.DEFAULT\Software\Baidu Security\Antivirus\web]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"ucloud"=-
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"dcloud"=-
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"rcloud"=-
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\PC Faster]
[-HKEY_USERS\S-1-5-18\Software\Baidu]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log]
[-HKEY_USERS\S-1-5-18\Software\Baidu\Application Bug\Bav\log\BavSvc.exe]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus]
[-HKEY_USERS\S-1-5-18\Software\Baidu Security\Antivirus\web]
==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Baidu Security not found
C:\Program Files (x86)\Baidu Security\Baidu Antivirus not found
C:\Program Files (x86)\Baidu Security\Baidu Antivirus\update\baidu not found
C:\ProgramData\Baidu deleted
"C:\Users\Public\Desktop\Baidu Antivirus.lnk" deleted
==== Folders Found ======================
2014-04-06 07:02:03 2014-04-06 07:02:03 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-06 06:13:55 2014-04-06 21:38:56 -------- d-----w- C:\Users\TICIANO\AppData\Local\Temp\Baidu Security.tmp
2014-04-06 20:18:50 2014-04-06 20:18:50 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-04-06 20:19:18 2014-04-06 20:19:49 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-04-06 20:19:49 2014-04-06 20:19:50 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus_update_baidu
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-06 20:19:50 2014-04-06 20:19:50 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-06 20:19:50 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 19:21:27 2014-04-06 19:21:27 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Baidu
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Baidu Security
2014-04-06 20:19:51 2014-04-06 20:19:52 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 20:18:50 2014-04-06 20:19:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-04-06 20:19:18 2014-04-06 20:19:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\update\baidu
2014-04-06 20:19:49 2014-04-06 20:19:49 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\update\baidu
==== Files Found ======================
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\decrypter\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 12612
Created time: 2014-01-14 04:31:39
Modified time: 2014-03-24 02:22:22
MD5: 39E03EF1DE54482C5596AE5598C415E3
SHA1: B2C55E383EC5F7FAB04859BE282C4A3D58C0A7B5
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\hoster\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 9014
Created time: 2014-01-14 04:33:07
Modified time: 2014-03-24 02:29:22
MD5: 27E5EB91CAF7C00CB9F005C627214058
SHA1: 322E8ECBEFA71812A1DF523941699C09AE038AA9
--- C:\zoek_backup\C_Users_Public_Desktop_Baidu Antivirus.lnk.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1209
Created time: 2014-04-06 21:40:24
Modified time: 2014-04-06 06:15:00
MD5: 1C9DC667461BA2F1C64810B7A9F26C6C
SHA1: 8C1410FDA79C576BEDC0E5BEFC994F4B45E42150
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3428
Created time: 2014-04-06 19:21:27
Modified time: 2014-04-06 06:15:04
MD5: 516D1AEE4C584876CC16D0C61D72790D
SHA1: 5AC161FEE2F7490906CE0C12FB1E2C182D6A395C
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-06 20:19:07
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-06 20:19:07
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-06 20:19:26
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-06 20:19:26
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 20:19:51
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 20:19:51
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
==== Registry Search Results for "Baidu" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=hex:53,\
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2483 folders=480 617397127 bytes)
==== EOF on 06/04/2014 at 18:42:22,53 ======================
ticiano- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek.
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 06 Abr 2014, 19:49, editado 2 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Segue o mais recente log:
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by TICIANO on 06/04/2014 at 19:13:29,55.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TICIANO\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-06-193126.log 31677 bytes
C:\zoek-results2014-04-06-203446.log 613494 bytes
C:\zoek-results2014-04-06-214222.log 13090 bytes
==== System Restore Info ======================
06/04/2014 19:21:11 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=-
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=-
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
==== Deleting Files \ Folders ======================
"C:\Users\TICIANO\AppData\Local\Temp\Baidu Security.tmp" not found
==== Folders Found ======================
2014-04-06 07:02:03 2014-04-06 07:02:03 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-06 20:18:50 2014-04-06 20:18:50 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-04-06 20:19:18 2014-04-06 20:19:49 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-04-06 20:19:49 2014-04-06 20:19:50 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus_update_baidu
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-06 20:19:50 2014-04-06 20:19:50 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-06 20:19:50 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 19:21:27 2014-04-06 19:21:27 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Baidu
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Baidu Security
2014-04-06 20:19:51 2014-04-06 20:19:52 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 20:18:50 2014-04-06 20:19:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-04-06 20:19:18 2014-04-06 20:19:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\update\baidu
2014-04-06 20:19:49 2014-04-06 20:19:49 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\update\baidu
==== Files Found ======================
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\decrypter\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 12612
Created time: 2014-01-14 04:31:39
Modified time: 2014-03-24 02:22:22
MD5: 39E03EF1DE54482C5596AE5598C415E3
SHA1: B2C55E383EC5F7FAB04859BE282C4A3D58C0A7B5
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\hoster\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 9014
Created time: 2014-01-14 04:33:07
Modified time: 2014-03-24 02:29:22
MD5: 27E5EB91CAF7C00CB9F005C627214058
SHA1: 322E8ECBEFA71812A1DF523941699C09AE038AA9
--- C:\zoek_backup\C_Users_Public_Desktop_Baidu Antivirus.lnk.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1209
Created time: 2014-04-06 21:40:24
Modified time: 2014-04-06 06:15:00
MD5: 1C9DC667461BA2F1C64810B7A9F26C6C
SHA1: 8C1410FDA79C576BEDC0E5BEFC994F4B45E42150
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3428
Created time: 2014-04-06 19:21:27
Modified time: 2014-04-06 06:15:04
MD5: 516D1AEE4C584876CC16D0C61D72790D
SHA1: 5AC161FEE2F7490906CE0C12FB1E2C182D6A395C
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-06 20:19:07
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-06 20:19:07
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-06 20:19:26
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-06 20:19:26
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 20:19:51
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 20:19:51
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
==== Registry Search Results for "Baidu" ======================
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=hex:53,\
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2483 folders=480 617397127 bytes)
==== EOF on 06/04/2014 at 19:23:08,95 ======================
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by TICIANO on 06/04/2014 at 19:13:29,55.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TICIANO\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-06-193126.log 31677 bytes
C:\zoek-results2014-04-06-203446.log 613494 bytes
C:\zoek-results2014-04-06-214222.log 13090 bytes
==== System Restore Info ======================
06/04/2014 19:21:11 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=-
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=-
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus\web]
==== Deleting Files \ Folders ======================
"C:\Users\TICIANO\AppData\Local\Temp\Baidu Security.tmp" not found
==== Folders Found ======================
2014-04-06 07:02:03 2014-04-06 07:02:03 -------- d-----w- C:\AdwCleaner\Quarantine\C\ProgramData\baidu
2014-04-06 20:18:50 2014-04-06 20:18:50 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security
2014-04-06 20:19:18 2014-04-06 20:19:49 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus
2014-04-06 20:19:49 2014-04-06 20:19:50 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus_update_baidu
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu
2014-04-06 20:19:50 2014-04-06 20:19:50 -------- d---a-w- C:\zoek_backup\C_ProgramData_Baidu Security
2014-04-06 20:19:50 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 19:21:27 2014-04-06 19:21:27 -------- d---a-w- C:\zoek_backup\C_PROGRA~3_Baidu
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Baidu Security
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 21:40:24 2014-04-06 21:40:24 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Baidu
2014-04-06 20:19:51 2014-04-06 20:19:51 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Baidu Security
2014-04-06 20:19:51 2014-04-06 20:19:52 -------- d---a-w- C:\zoek_backup\C_Users_Todos os Usuários_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus
2014-04-06 20:18:50 2014-04-06 20:19:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus
2014-04-06 20:19:18 2014-04-06 20:19:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\update\baidu
2014-04-06 20:19:49 2014-04-06 20:19:49 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\update\baidu
==== Files Found ======================
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\decrypter\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 12612
Created time: 2014-01-14 04:31:39
Modified time: 2014-03-24 02:22:22
MD5: 39E03EF1DE54482C5596AE5598C415E3
SHA1: B2C55E383EC5F7FAB04859BE282C4A3D58C0A7B5
--- C:\Users\TICIANO\AppData\Local\JDownloader 0.9\jd\plugins\hoster\PanBaiduCom.class ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 9014
Created time: 2014-01-14 04:33:07
Modified time: 2014-03-24 02:29:22
MD5: 27E5EB91CAF7C00CB9F005C627214058
SHA1: 322E8ECBEFA71812A1DF523941699C09AE038AA9
--- C:\zoek_backup\C_Users_Public_Desktop_Baidu Antivirus.lnk.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1209
Created time: 2014-04-06 21:40:24
Modified time: 2014-04-06 06:15:00
MD5: 1C9DC667461BA2F1C64810B7A9F26C6C
SHA1: 8C1410FDA79C576BEDC0E5BEFC994F4B45E42150
--- C:\zoek_backup\C_windows_SysNative_tasks_Baidu Antivirus Update.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3428
Created time: 2014-04-06 19:21:27
Modified time: 2014-04-06 06:15:04
MD5: 516D1AEE4C584876CC16D0C61D72790D
SHA1: 5AC161FEE2F7490906CE0C12FB1E2C182D6A395C
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-06 20:19:07
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security\Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-06 20:19:07
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1323
Created time: 2014-04-06 20:19:26
Modified time: 2013-09-22 07:32:04
MD5: FBCB3967D17EC32B5C06AA8811A53A5B
SHA1: DF0B4F19325E070A20E9CA9AEB75E863DFBCBDD1
--- C:\zoek_backup\C_Program Files (x86)_Baidu Security_Baidu Antivirus\Plugins\Plugin_Antivirus\res\skin\icon\baidu_engine_ico_gray.png ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1338
Created time: 2014-04-06 20:19:26
Modified time: 2013-09-22 07:32:04
MD5: BD2291EAA1C833CCA729214DFBE7B341
SHA1: FD6D550FE31ACDF679ED6005C47638DA7FB82BFB
--- C:\zoek_backup\C_ProgramData_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 20:19:51
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
--- C:\zoek_backup\C_Users_All Users_Microsoft_Windows_Start Menu_Programs_Baidu Antivirus\Baidu Antivirus.lnk ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1227
Created time: 2014-04-06 20:19:51
Modified time: 2014-04-06 06:14:59
MD5: D0EB5CBF505B35A7749ABB159E922F67
SHA1: 3A2CE2A4977F51180C280370F67044F8E52829F6
==== Registry Search Results for "Baidu" ======================
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=hex:53,\
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=hex:53,\
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2483 folders=480 617397127 bytes)
==== EOF on 06/04/2014 at 19:23:08,95 ======================
ticiano- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Desative temporariamente seu antivírus para evitar conflitos.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
*Clique com o botão direito do mouse no Zoek.exe e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
* Selecione e copie todo este texto destacado em vermelho que te passei e cole-o no espaço em branco do Zoek
*Clique [Run Script]
*Durante o scan uma mensagem parecida com esta abaixo mostrando o progresso do escaneamento será apresentada. Aguarde o término...pode demorar!
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Caso a reinicialização do PC seja solicitada, clique [OK]
* Poste o log do Zoek que estará em C:\zoek-results.txt em sua próxima resposta.
Última edição por Power Max em Dom 06 Abr 2014, 20:57, editado 1 vez(es)
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Segue o log:
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by TICIANO on 06/04/2014 at 20:19:24,35.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TICIANO\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-06-193126.log 31677 bytes
C:\zoek-results2014-04-06-203446.log 613494 bytes
C:\zoek-results2014-04-06-214222.log 13090 bytes
C:\zoek-results2014-04-06-222308.log 8744 bytes
==== System Restore Info ======================
06/04/2014 20:28:07 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=-
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=-
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2483 folders=480 617397127 bytes)
==== EOF on 06/04/2014 at 20:28:22,15 ======================
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by TICIANO on 06/04/2014 at 20:19:24,35.
Microsoft Windows 8 Single Language 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TICIANO\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-04-06-193126.log 31677 bytes
C:\zoek-results2014-04-06-203446.log 613494 bytes
C:\zoek-results2014-04-06-214222.log 13090 bytes
C:\zoek-results2014-04-06-222308.log 8744 bytes
==== System Restore Info ======================
06/04/2014 20:28:07 Zoek.exe System Restore Point Created Succesfully.
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security]
[HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
"C:\\Users\\TICIANO\\Downloads\\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll) [ChingLiu]\\Adobe CS6\\Set-up.exe"=-
"C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\Uninstall.exe"=-
[-HKEY_USERS\S-1-5-21-3819992481-2255212457-2752318697-1001\Software\Baidu Security\Antivirus]
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2483 folders=480 617397127 bytes)
==== EOF on 06/04/2014 at 20:28:22,15 ======================
ticiano- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Como está o PC após estas limpezas?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Parece ótimo, velocidade normal e nem rastro do maldito rs. Acabou o processo? Antes de agradecer, pode me dizer como eu me mantenho protegido contra essa ameaça?
ticiano- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Uma dica importante seria não baixar e usar programas pirateados ou crackeados, pois a enorme maioria deles vem com vírus e/ou adwares embutidos.ticiano escreveu:Parece ótimo, velocidade normal e nem rastro do maldito rs. Acabou o processo? Antes de agradecer, pode me dizer como eu me mantenho protegido contra essa ameaça?
Outra dica é não instalar programas através dos instaladores disponíveis nos maiores sites de download brasileiros (sempre que for baixar por lá escolha a opção de baixar sem o instalador). E de preferência baixe diretamente no site oficial do programa. E mesmo baixando no site oficial dos programas, é preciso ter cuidado na hora da instalação desmarcando as caixinhas que oferecem a instalação de toolbars e/ou adwares.
Este software abaixo também ajuda na proteção:
Deixe seu PC mais protegido na internet com o SpywareBlaster
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
___________________________________________________________________________
Só para finalizar siga estes tutoriais abaixo, por gentileza:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
_______________________________________________________________________________________________________________________
Para remover os programas usados na limpeza deste PC e criar um novo ponto de restauração seguro e sem problemas, utilize o DelFix seguindo as dicas [Tens de ter uma conta e sessão iniciada para poderes visualizar este link].
_______________________________________________________________________________________________________________________
Foi um prazer ajudar. Conte sempre conosco!
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
Puxa vida, salvaram meu domingo. Muito obrigado por toda ajuda, que nao só foi eficiente como também foi impressionantemente rápida, parecia em tempo real. Nem o personagem da Sandra Bullock no filme A Rede teria conseguido me ajudar mais rs. Vou dar um olhada nos tutoriais passados acima.
Obrigado novamente!
Obrigado novamente!
ticiano- Iniciante
- Mensagens : 8
Reputação : 0
Data de inscrição : 06/04/2014
Re: Remoção do Baidu após Adw, JRT, Hijack, Revo e Ccleaner?
CASO RESOLVIDO
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Caso o autor do tópico necessite, o mesmo será reaberto, para isso deverá entrar em contato com um dos membros da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] solicitando o desbloqueio.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Tópicos semelhantes
» Remover Baidu com Combofix, AdwCleaner, Revo ou Zoek?
» Remoçao do baidu
» Baidu Remoção
» Remoção Baidu
» Remoção do BAIDU
» Remoçao do baidu
» Baidu Remoção
» Remoção Baidu
» Remoção do BAIDU
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos
|
|